Cyber Defense & Risk Analyst

HYBRID ROLE BASED OUT OF OUR ATLANTA OFFICE

Job Purpose:

Our Cyber Defense & Risk Analyst is responsible for strengthening Veritiv’s security posture through both cybersecurity operations and governance, risk, and compliance. This position partners closely with IT teams, Legal, Internal Audit, and third-party security providers to ensure risks are understood, prioritized, and reduced through practical and measurable actions.

Job Responsibilities:

Monitor, analyze, and validate security alerts using Veritiv’s security monitoring ecosystem (e.g., SIEM/MDR, endpoint security, identity protection, and email security tools).

Investigate, triage, and respond to incidents (e.g., phishing, identity compromise, malware, suspicious network activity), coordinating with internal stakeholders and third-party providers as needed.

Perform root cause analysis and support containment, eradication, and recovery activities; document incident details, actions taken, and lessons learned.

Assist with technical security reviews of new or changing technologies (SaaS, cloud services, integrations, and vendors), identifying misconfigurations and recommending compensating controls.

Partner with Internal Audit and control owners to support IT audit activities (e.g., evidence collection, walkthroughs, remediation validation, and closure of findings).

Participate in third-party / vendor risk activities, including review of security documentation, questionnaires, and assessment results; help translate vendor technical risks into business impact and mitigation steps.

Communicate complex technical topics clearly to non-technical stakeholders; produce concise written deliverables (incident summaries, risk write-ups, audit evidence narratives).

Identify opportunities to automate and streamline GRC and security operations processes (e.g., alert triage, evidence collection, control testing support, reporting), including the responsible use of approved AI-enabled security capabilities to improve speed, consistency, and quality.

Additional Responsibilities & Qualifications:

• Working knowledge of common security controls and frameworks (e.g., NIST CSF, ISO 27001/27002, CIS Controls) and the ability to map technical issues to control requirements.

• Hands-on experience with at least two of the following areas: security monitoring (SIEM/MDR), incident response, vulnerability management, endpoint security (EDR), identity and access management, email security.

• Experience supporting audits and control testing (e.g., ITGC, internal audit, SOC report reviews), including evidence collection and remediation tracking.

• Ability to write clearly and maintain thorough documentation (risk statements, procedures, incident notes, and audit evidence narratives).

• Strong interpersonal and communication skills, including the ability to work effectively with both technical teams and business stakeholders.

• Aptitude and desire to leverage AI-enabled capabilities and automation to improve security outcomes (e.g., workflow automation, scripting, playbooks, and repeatable process improvement) while maintaining appropriate governance and data handling practices.

• IT, Risk Management, Computer Science and Business Administration majors preferred.

Work Experience:

● 3-5 years of related job experience.

● Ability to manage multiple projects, work under pressure, and adapt to sudden changes in the work environment.

● Ability to work quickly and efficiently.

● Excellent verbal, written, people, and diplomacy skills are required.

● Experience of interpreting strategy and policy in order to set and deliver objectives.

● Proficient with Microsoft Office Suite.

● Strong customer service skills (friendly, courteous and helpful).

● Strong planning and organization skills are required.

Education:

● Bachelor's Degree Preferred

● Certified Information Systems Auditor (CISA) - Information Systems Audit and Control Association (ISSACA)

● Certified Information Security manager (CISM) - International Information System Security Certification Consortium

What We Offer

• Engaging and inclusive culture with employee-led Employee Resource Groups, Veritiv Cultural Alliance, recognition platform, etc.
• Extensive training opportunities, professional development programs, career pathing, and mentorship opportunities.
• Collaborative atmosphere with our customers and suppliers to create healthier, safer and more sustainable communities through our responsible operations and innovative solutions.
• Healthcare benefits, 401k, paid time off and tuition reimbursement.

About Veritiv

Together with its subsidiaries, Veritiv is the leading full-service provider of packaging solutions. Veritiv also provides JanSan, hygiene, print and publishing products and services. Veritiv serves customers in a wide range of industries, through team members around the world helping shape the success of its customers. For more information, visit www.veritiv.com and connect with the Company o