Company Overview
At Macmillan Publishers, we wholeheartedly believe in the transformative power of books—to connect people, amplify diverse voices, inspire meaningful change, and leave a lasting impact on the world.
As a leading publishing house, Macmillan is home to some of the world’s most celebrated authors and creators. We are deeply committed to our employees, authors, and core values, fostering a culture that embraces inclusivity and diverse perspectives at every level of our organization.
Our U.S. publishing divisions include Celadon Books, Farrar, Straus and Giroux, Flatiron Books, Henry Holt & Company, Macmillan Audio, Macmillan Children’s Publishing Group, The St. Martin’s Publishing Group, and Tor Publishing Group.
Key Responsibilities
- Rapid Incident Response: Swiftly assess, contain, and mitigate security threats to minimize impact.
- High-Stakes Decision-Making: Make critical security decisions under pressure during high-risk incidents.
- Cross-Team Collaboration: Work closely with IT, security, and leadership teams to ensure a unified response.
- Adaptability: Continuously refine security strategies in response to evolving threats.
- Thorough Documentation & Reporting: Provide clear, concise security reports with actionable insights.
- Incident Investigation & Threat Hunting: Analyze security alerts, conduct advanced threat investigations, and escalate high-risk incidents.
- Security Policy Optimization: Fine-tune detection rules, enhance access controls, and optimize security configurations.
- Data Analysis & Threat Identification: Review security logs, identify trends, and compile findings into meaningful reports.
- Technical Communication: Effectively document and present security findings to technical teams and executive leadership.
- Automation & Scripting (preferred but not required): Familiarity with PowerShell, KQL, or Python for security automation and custom threat detections.
Required Qualifications
- Threat Detection & Response: Strong expertise in Microsoft Defender XDR, including malware detection, threat hunting, and automated response strategies.
- Identity Security & Access Management: Hands-on experience with Microsoft Entra ID, including Conditional Access Policies, MFA, and privilege escalation monitoring.
- Data Security & Insider Threat Detection: Familiarity with Varonis for file access monitoring, data exfiltration detection, and insider threat management.
- Phishing & Email Security: Knowledge of Google Admin Console for phishing investigations, domain blocking, and attachment scanning.
- Incident Investigation & Reporting: Proficiency in security log analysis, SIEM investigations, and industry best practices for security reporting.