The Estee Lauder Companies Manager, Threat Intelligence in Long Island City, New York

Manager, Threat Intelligence

Brand: Estée Lauder Companies


The Estée Lauder Companies (ELC) Inc. is a Fortune 500, multinational manufacturer and marketer of prestige skincare, makeup, fragrance and hair care products, headquartered in New York City. As the global leader in prestige beauty, we touch over half a billion consumers a year. The company owns a diverse portfolio of brands, distributed internationally through both digital commerce and retail channels.

ELC prizes the confidentiality of its consumers and therefore places a premium on cybersecurity. As the business world becomes increasingly digital and cyber threats grow in number and in sophistication, ELC will continue to invest in and develop a proactive, people-centered cybersecurity program. The Global Information Risk and Security (GIRS) team spearheads these efforts.

The GIRS Cyber Threat Management Manager will impact a global team focused on cyber threat management, consistent with the threats and scale of a Fortune 500 retail, wholesale, and manufacturing enterprise entering a period of rapid business growth through innovation and acquisition. Projects could be focused on vulnerability management, threat modeling, threat intelligence, mobile security, insider threat, awareness and education, metrics, security analysis, incident detection, interruption of the kill chain, and damage control. Cyber Threat Management is involved in all aspects of the business, including all brands, functions, and regions worldwide, and thus requires interaction with all levels of technical and business acumen.

This role necessarily deals with highly confidential and sensitive information, and the role is expected to conform to best handling practices.

Impact the global Cyber Threat Management function, including collaboration with Legal, Human Resources, Global Communications, Corporate (Physical) Security, other Information Technology (IT) teams, and leadership across brands, functions, and regions. Lead and contribute to Security Operations Center (SOC) projects, which include security analysis, threat intelligence, incident response, case management/workflow tools, vulnerability management, pen testing/red teaming, mobile security, insider threat, and metrics.

Stop and mitigate complex attacks to protect ELC. This will require emergency decisions in response to active attacks outside of routine technology processes and communication of those decisions to technical personnel and leaders.

Responsibilities will include high-priority work from the following projects:

Threat Intelligence/Threat Education & Awareness

  • Threat Intelligence Vendor Monitoring

  • Cyber Threat Management Advisories

  • GIRS Daily Threat Briefing Script Maintenance

  • Threat Matrix (High-Level Deck)

  • Prioritized Uplifts based on Cyber Threat Landscape

  • Threat Intelligence Automated Indicators of Compromise Feeds Program Management

Security Analysis/Monitoring/Incident Response

  • Operational Support for Investigations/Forensics

  • Incident Response Procedures/Policies/Mini-Exercises

Vulnerability Management/Mobile Security

  • Vulnerability Identification

  • Evaluate mobile security containerization for corporate apps

  • Develop guidance to provide to ELC mobile applications developers and integrators

  • Implement a process for discovering new applications, performing risk assessments, and following up on remediation efforts

  • Provide malware scanning, threat detection, monitoring, and remediation


Information security familiarity with cybersecurity operations (identify, protect, detect, respond, and recover functions); malware and attack patterns (offensive and defensive technologies); awareness and training; continuous risk assessments; scenario planning; penetration testing/red teaming; mobile security; vulnerability scanning/identification/management and patch management; threat intelligence monitoring; network/endpoint/perimeter monitoring; incident management; insider threat and data leakage protection; application security; policies, standards, and procedures; and information security metrics. Hands-on experience in these domains and other key technology domains, such as coding/developing, understanding technology standards, deploying new technologies, and integrating new and existing technologies.

Business knowledge to perform just-in-time risk management and incident response. Understanding of retail/manufacturing sufficient to correlate attackers’ motives to business impacts and to appropriately adjust controls. Experience working in or with a 24/7 cyber threat management operation (e.g. a Security Operations Center (SOC)).

Experience handling, securing, and communicating highly confidential and sensitive information.

Job: Information Technology

Primary Location: Americas-US-NY-Long Island City

Job Type: Standard

Schedule: Full-time

Shift: 1st (Day) Shift

We are an equal opportunity employer. Minorities, women, veterans, and individuals with disabilities are encouraged to apply.

Job Number: 192124