HYBRID ROLE BASED OUT OF OUR ATLANTA OFFICE

Job Purpose:

Our Cyber Defense & Risk Analyst is responsible for strengthening Veritiv’s security posture through both cybersecurity operations and governance, risk, and compliance. This position partners closely with IT teams, Legal, Internal Audit, and third-party security providers to ensure risks are understood, prioritized, and reduced through practical and measurable actions.

Job Responsibilities:

● Monitor, analyze, and validate security alerts using Veritiv’s security monitoring ecosystem (e.g., SIEM/MDR, endpoint security, identity protection, and email security tools).
● Investigate, triage, and respond to incidents (e.g., phishing, identity compromise, malware, suspicious network activity), coordinating with internal stakeholders and third-party providers as needed.
● Perform root cause analysis and support containment, eradication, and recovery activities; document incident details, actions taken, and lessons learned.
● Assist with technical security reviews of new or changing technologies (SaaS, cloud services, integrations, and vendors), identifying misconfigurations and recommending compensating controls.
● Partner with Internal Audit and control owners to support IT audit activities (e.g., evidence collection, walkthroughs, remediation validation, and closure of findings).
● Participate in third-party / vendor risk activities, including review of security documentation, questionnaires, and assessment results; help translate vendor technical risks into business impact and mitigation steps.
● Communicate complex technical topics clearly to non-technical stakeholders; produce concise written deliverables (incident summaries, risk write-ups, audit evidence narratives).
● Identify opportunities to automate and streamline GRC and security operations processes (e.g., alert triage, evidence collection, control testing support, reporting), including the responsible use of approved AI-enabled security capabilities to improve speed, consistency, and quality.

Additional Responsibilities & Qualifications:

• Working knowledge of common security controls and frameworks (e.g., NIST CSF, ISO 27001/27002, CIS Controls) and the ability to map technical issues to control requirements.

• Hands-on experience with at least two of the following areas: security monitoring (SIEM/MDR), incident response, vulnerability management, endpoint security (EDR), identity and access management, email security.

• Experience supporting audits and control testing (e.g., ITGC, internal audit, SOC report reviews), including evidence collection and remediation tracking.

• Ability to write clearly and maintain thorough documentation (risk statements, procedures, incident notes, and audit evidence narratives).

• Strong interpersonal and communication skills, including the ability to work effectively with both technical teams and business stakeholders.

• Aptitude and desire to leverage AI-enabled capabilities and automation to improve security outcomes (e.g., workflow automation, scripting, playbooks, and repeatable process improvement) while maintaining appropriate governance and data handling practices.

• IT, Risk Management, Computer Science and Business Administration majors preferred.

Work Experience:

● 3-5 years of related job experience.

● Ability to manage multiple projects, work under pressure, and adapt to sudden changes in the work environment.

● Ability to work quickly and efficiently.

● Excellent verbal, written, people, and diplomacy skills are required.

● Experience of interpreting strategy and policy in order to set and deliver objectives.

● Proficient with Microsoft Office Suite.

● Strong customer service skills (friendly, courteous and helpful).

● Strong planning and organization skills are required.

Education:

● Bachelor's Degree Preferred

● Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium

● Certified Information Systems Auditor (CISA) - Information Systems Audit and Control Association (ISSACA)

What We Offer

• Engaging and inclusive culture with employee-led Employee Resource Groups, Veritiv Cultural Alliance, recognition platform, etc.
• Extensive training opportunities, professional development programs, career pathing, and mentorship opportunities.
• Collaborative atmosphere with our customers and suppliers to create healthier, safer and more sustainable communities through our responsible operations and innovative solutions.
• Healthcare benefits, 401k, paid time off and tuition reimbursement.

About Veritiv

Together with its subsidiaries, Veritiv is the leading full-service provider of packaging solutions. Veritiv also provides JanSan, hygiene, print and publishing products and services. Veritiv serves customers in a wide range of industries, through team members around the world helping shape the success of its customers. For more information, visit www.veritiv.com and connect with the Company on LinkedIn.