Sally Beauty

Information Security Analyst

2 months ago(11/17/2017 6:09 PM)


Sally Beauty Holdings (NYSE: SBH) is the world’s largest wholesale and retail distributor of beauty supplies.  Our world headquarters is conveniently located in Denton Texas, just 5 minutes north of Lake Lewisville off of I35E. We currently have an opening for an Information Security Analyst. 


Our Information Security Analyst participates in the identification, tracking, and monitoring of information security threats and service operations. Analyst will develop policies and procedures for approval by the appropriate steering committees. Analyst utilizes established processes and tools to focus on threat identification, analysis, and remediation. Analyst supports the processes for technical risk management to protect information assets.



  • Assists in the management of defined security frameworks for existing and new systems
  • Assists in system security planning, developing, and implementing security policies across multiple platforms.
  • Ensures successful implementation and maintenance of the defined standards
  • Ensures compliance of IT Security Policies.
  • Provides support in security management and security architect standards and documentations.
  • Manages and supports networking and security services in LAN, WAN and Internet network infrastructure
  • Manages security devices such as firewall, IDS, vulnerability analyzers etc.
  • Provides technical support and consultation for enhancement of and change to security configurations. Provides fault resolution and escalation. Maintains documentation. Defines processes to manage the security compliance.


  • 2 – 3 years of experience in Information Security.
  • Bachelor’s Degree in a related field preferred or equivalent work experience.
  • Experience with risk management and analysis, using industry standards.
  • Experience in leading policy development and providing strong communication and awareness.
  • Experience evaluating existing, new and proposed regulatory requirements and developing appropriate risk based measures, policies, and setting direction.
  • Experience of evaluating and managing risk within service providers and the cloud.
  • Experience with managing vendor security and privacy requirements through contracts, SLAs, and assurance audits.
  • Experience with reviewing Security Operations Center reports.
  • Regulatory compliance knowledge (i.e., PCI, SOX, HIPAA, Privacy laws).
  • Direct experience with security policy governance, user education, and risk management.
  • Strong knowledge of information security principles and practices.
  • Strong awareness of information security frameworks and standards including PCI-DSS, ISO 27001-2005 and OWASP.
  • Solid understanding of IT technical security risks including application development, operating systems, database and network exposures, as well as risks with cloud and mobile technologies.
  • Knowledge and exposure to GRC tool ( e.g. Archer) is a plus:
  • Security and privacy certifications (e.g., CISSP, IAPP) are also a plus.
  • Demonstrates fundamental understanding of system and network security principles and technology.
  • Must be detail oriented.
  • Must be a team player.
  • Able to articulate technical processes, both oral and written, to different audiences and varying levels of complexity.
  • Demonstrates time management skills and the ability to prioritize work in a highly dynamic environment.

We offer a competitive salary, outstanding benefits package that includes medical, dental, vision, life Insurance, paid vacation and sick days, paid holidays, merchandise discounts, tuition reimbursement and 401(k) with company match.


Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, or disability.







Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed