Note: The job is a remote job and is open to candidates in USA. Victoria’s Secret & Co. is a world-leading specialty retail brand recognized globally for innovation and excellence in lingerie and fashion. They are seeking a Manager of Information Security who will lead the Incident Response team and establish a dedicated insider risk team to defend the organization from internal threats while fostering a culture of inclusivity and technical expertise.
Responsibilities
• Lead the Incident Response team and coach team members through incident response and management
• Be available 24/7 for on-call purposes in leading incidents that span multiple time zones
• Establish and lead a dedicated insider risk team, leveraging people, process, and technology to best defend our organization from potential internal threats
• Hold our incident handlers accountable to following process, documenting process, and thorough cyber investigations to protect VS&Co to its fullest potential
• Ensure incident handlers have adequate knowledge of the environment they are protecting
• Participate and help lead technical tabletop exercises for IT and security stakeholders, simulating real-world attack scenarios
• Responsible for development of team members in both offensive and defensive security disciplines – driving alignment on technologies and platforms in use at VS&Co
• Conduct administrative management duties including performance management, talent development and related administrative tasks
• Develop, tune, and report on KPI’s for our SOC, and insider risk teams
• Oversee deployment, tuning, and operational use of insider risk technologies (DLP, UEBA, CASB, IAM analytics)
Skills
• 8+ years' experience in Cybersecurity Technologies
• 3–5 years of experience in incident response handling
• 3–5 years of experience utilizing enterprise security toolsets for investigations and proactive security control enforcement (SIEM, EDR, firewall, WAF, etc.)
• Demonstrated hands-on expertise and impact in similar roles in fast-paced, complex environments
• Strong understanding of MITRE ATT&CK framework, threat emulation, and detection engineering
• Experience utilizing telemetry of all types; including, but not limited to: DLP, UEBA, CASB, IAM toolsets, and cloud service providers (Azure, GCP, AWS)
• Proven leadership or mentoring experience in cybersecurity teams
• Ability to communicate and engage effectively at all levels of the organization within IT and with non-IT stakeholders
• Experience in building purple team programs from the ground up
• Familiarity with cyber threat intelligence and TTP development
• Experience managing third parties to help deliver managed bot mitigation and WAF capabilities for web-based applications
• Relevant certifications (e.g., CISSP, GCIH, CTIP, SSCP, CISM)
• Experience working in or securing retail environments, including POS systems, eCommerce platforms, and distributed IT infrastructure
• Bachelor's degree in information technology or equivalent experience
Company Overview
• Victoria’s Secret & Co. It was founded in 1977, and is headquartered in Columbus, Ohio, USA, with a workforce of 10001+ employees. Its website is https://www.victoriassecret.com/.
Company H1B Sponsorship
• Victoria’s Secret & Co. has a track record of offering H1B sponsorships, with 4 in 2025, 3 in 2024, 5 in 2023, 5 in 2021. Please note that this does not guarantee sponsorship for this specific role.