Lead Security Analyst, Purple Team

Lead Security Analyst, Purple Team

Victorias Secret & Co. is seeking a highly skilled and collaborative Purple Team Lead to build and lead our internal purple team function. The Lead Security Analyst Purple Team Lead works within the Information Security Incident Response in Information Technology and will bridge offensive and defensive security capabilities, driving proactive detection, response readiness, and team development across the enterprise.

Your Impact

Establish and lead a dedicated purple team to align red and blue team efforts.

Conduct advanced penetration tests on networks, infrastructure, and applications to identify risks and validate defenses.

Collaborate with defensive teams to enhance detection rules, incident response playbooks, and alert fidelity.

Design and run technical tabletop exercises for IT and security stakeholders, simulating real?world attack scenarios.

Mentor junior team members in both offensive and defensive security disciplines.

Work cross?functionally with infrastructure, application, and DevOps teams to embed security into operations.

Document and communicate findings clearly, with actionable remediation strategies for both technical and non?technical audiences.

Minimum Salary

$125,500.00

Maximum Salary

$171,360.00

Qualifications

Your Experience

8+ years experience in Cybersecurity Technologies.

35 years of experience conducting penetration testing (network, application, cloud). Hybrid offensive skillset preferred.

35 years of experience defending enterprise environments (SIEM, EDR, firewall, WAF, etc.).

Demonstrated hands?on expertise and impact in similar roles in fast?paced, complex environments.

Strong understanding of MITRE ATT&CK framework, threat emulation, and detection engineering.

Experience with tools like Cobalt Strike, Metasploit, Burp Suite, BloodHound, and modern EDR/XDR platforms.

Skilled in scripting and automation (Python, PowerShell, Bash).

Proven leadership or mentoring experience in cybersecurity teams.

Ability to communicate and engage effectively at all levels of the organization within IT and with non?IT stakeholders.

Preferred Experience

Experience in building purple team programs from the ground up.

Familiarity with cyber threat intelligence and TTP development.

Relevant certifications (e.g., OSCP, GXPN, CISSP, GCIA, GCIH).

Experience working in or securing retail environments, including POS systems, eCommerce platforms, and distributed IT infrastructure.

Education

Bachelors degree in Information Technology or equivalent experience.

Location & Remote

This is a hybrid position and requires candidates to reside within a reasonable commuting distance to our Reynoldsburg office for weekly onsite work.

Equal Opportunity Statement

We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws. An equal opportunity employer, we do not discriminate in hiring or terms and conditions of employment because of an individuals race, color, religion, gender, gender identity, national origin, citizenship, age, disability, sexual orientation, marital status or any other protected category recognized by state, federal or local laws. We only hire individuals authorized for employment in the United States. #J-18808-Ljbffr