As a Senior Information Security Analyst, reporting directly to the Director of Information Security, you'll play a role in shaping and executing cutting-edge cybersecurity strategies while also maintaining a secure environment by handling incident response, threat hunting, doing assessments and getting inventory under control. What You'll Do:
- Work on key initiatives of the Division Information Security Plan, collaborating with Division and Global teams to strengthen defenses.
- Investigate and resolve cybersecurity incidents by partnering with experts in Network, Infrastructure, and the Global SOC team to protect our systems.
- Spearhead the NIST CSF assessment process, ensuring we're always ahead of the curve by identifying gaps and implementing effective solutions.
- Manage pen testing and vulnerability scan remediation, offering creative solutions and security consulting to infrastructure teams to keep threats at bay.
- Drive security efforts for major Division initiatives like Power BI and ERP system upgrades, ensuring top-notch security every step of the way.
- Oversee IT supply chain security processes, from vendor assessments to improving SAAS and application inventory controls.
- Stay ahead of the latest trends as a thought leader in solutions like IAM, SASE, and Zero-Trust, contributing your expertise to cutting-edge innovations.
- Elevate cybersecurity awareness by supporting the Director in rolling out impactful training programs for IT and end users.
- Measure success by developing, monitoring, and maintaining KPIs and SLAs, collaborating with the Division Director to ensure peak performance.
- Enhance policies and procedures, working both within the Division and with Global teams to continuously improve our cyber defenses.
What You Bring:
- A Bachelor's Degree and 6+ years of experience in information security.
- Certifications like CISSP, CCSP, CISM, or a demonstrated commitment to professional development are a plus.
- Prior experience in IT Systems Administration, and having moved to a security orientation.
- Manufacturing and distribution industries preferred, ideally with global, distributed teams.
- Deep knowledge of cybersecurity frameworks and standards (NIST, ISO, SOC2, GDPR, HIPAA, PCI).
- Hands-on experience with penetration testing, vulnerability assessments, and remediation coordination.
- Expertise in application and development security (SecDevOps, secure SDLC), infrastructure/network security (NGFW, SASE, Zero-Trust, EDR), and cloud security (Azure, AWS, Google).
This is your chance to work with a dynamic team to protect and empower global operations. If you're passionate about cybersecurity, thrive on solving complex problems, and want to be part of an exciting journey, we want to hear from you!