Location: Remote with monthly visit to offices in either Cleveland, OH; Atlanta, GA; Dalton, GA or Chicago, IL.
The Senior Information Security Analyst will have responsibility for executing and contributing to cyber-and information security programs.
What you’ll do:
- Participate in executing parts of the Division Information Security Plan. You will interface with Division and Global Teams to help push forward these programs.
- Incident Response: Address cybersecurity issues / incidents
- Support and facilitate the annual NIST Cybersecurity Framework assessment process including issue tracking and gap solutions: from consulting and design through implementation assurance / effectiveness testing Facilitate pen testing / vulnerability scan remediation and tracking, providing solutions / consulting to infrastructure teams.
- Security assessment and consulting for Division Level Initiatives.
- Manage and maintain Division IT supply chain security processes including vendor assessment plus SAAS / application inventory management control improvements.
- Contribute as research and thought leader for solutions such as IAM, SASE, Zero-Trust
- Assist Director to support cybersecurity communication, awareness, and training plans for IT and end users Develop, monitor, and maintain KPIs and SLAs in coordination with the Division Director
- Improve Division and Global cyber and information security policy and procedures.
- Maintain an in-depth and current technical knowledge of industry cyber and information security trends Develop relationships as a trusted partner to Network, Infrastructure, and Global teams.
Background Profile:
- Bachelor’s Degree required.
- 10 years of progressive, broad scope IT experience in an enterprise manufacturing/distribution environment, with at least 5+ years in a transaction level Information Security Analyst role.
- Experience working with global teams is a plus.
- Certifications such as CISSP, CCSP, CISM / demonstrated commitment to professional development Experience working with frameworks and standards such as: NIST, ISO, SOC2, GDPR, HIPAA, PCI etc. NIST specifically is a plus.
- Experience with penetration testing, vulnerability assessments, and coordinating remediation Application and development security – SecDevOps, secure SDLC
- Infrastructure / Network security – NGFW, SASE, Zero-Trust, EDR, micro-segmentation, Identity & Access Mgmt. Experience with Azure Cloud security tools such as Microsoft Defender for Endpoint, Microsoft Sentinel, Purview, Intune is a plus.
- The ability to travel up to 25%, including some international travel.
Why this job?
- Flexible / Remote work arrangements
- Competitive salary, benefits, and retirement plan options.
- Career path options. An opportunity to advance into management or advance in a non-management path. Extensive opportunities to work on major global initiatives. You won't be bored and there are continuous learning opportunities.
- An opportunity to have global visibility, travel internationally, and be a part of strategic and transformational security programs.