IT Cyber Security Specialist
- Full-Time
- Remote
- A.W. Chesterton Company
- Posted 2 years ago – Accepting applications
Who We Need:
You are comfortable being the primary point of contact in the day-to-day administration of information security tools and devices.
You are willing to implement security measures to resolve vulnerabilities, mitigate risks and recomment security changes to the system or system components as needed.
You can advocate for changes in policy through collaboration and the identification of gaps identifies by the user of cybersecurity technologies that protect our data and business information systems.
Given these skills, you could work anywhere. So why not bring your talents somewhere great?
How about working at a company:
- With 130+ years in US manufacturing, whose business is still growing
- That is led by successful, strategic, personable leaders who know your name
- That has a significant global environmental impact with products and services that prevent and reduce industrial pollution
- That encourages you to dedicate 5% of your on the clock time to career development
- That gives you a formal on-boarding program to get you on a fast path to success
- That offers tuition reimbursement, a global employee recognition program where you can win gift cards, a mentoring program, a paid volunteerism time-off program, a scholarship program for children of employees and many more!
- That has people who are fun, smart, engaged and like working together to bring world-class service to our Customers every day
Check out our formal job description below:
Job Summary
Chesterton has a laser focus on our customers. The Cybersecurity Specialist supports our customers by acting as first-level support for security information and event management (SIEM) with our managed service security provider (MSSP) and may include responsibilities for the security administration of a wide variety of IT systems across the enterprise. The Cybersecurity Specialist is a hands-on role that requires technical expertise while being responsible for a broad range of tasks, including being the primary point of contact in the day-to-day administration of information security tools and devices.
Job Model: Fully Remote
Responsibilities
- Possesses the knowledge required to follow and adhere to compliance frameworks and other security requirements and standards that enable the organization to reduce risks and meet regulatory and statutory compliance.
- Identifies systemic security issues based on the analysis of vulnerability and configuration data.
- Implements security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed.
- Participates as a stakeholder in cross-functional teams to develop technology solutions.
- Collaborates with functional teams and/or stakeholders to identify and/or develop appropriate solution designs, proper implementation, and any required mitigation strategies.
- Performs reviews and identifies security and other weaknesses in solutions that may introduce risks to the enterprise and business goal achievement.
- Employs best practices when implementing security controls within a system including software engineering methodologies; system and security engineering principles; secure design, secure architecture, and secure coding techniques.
- Informs and provides governance regarding system security controls that ensure and provide for the confidentiality, integrity, availability, authentication, and non-repudiation of system resources and the data they process and store.
- Coaches and develops less experienced team members.
* Cybersecurity Risk Management
a. Identifies and assesses the potential impact of Cybersecurity against established Cybersecurity industry frameworks, regulations, and organizational policies to develop and implement risk mitigation strategies in alignment with business objectives.
* Systems Analysis and Requirements Planning
a. Develops a detailed set of use cases and requirements through enterprise cybersecurity capabilities and tools.
b. Develops detailed set of use cases and requirements through documenting and deriving capabilities that are needed to operate, manage, administer, and deploy enterprise cybersecurity capabilities and tools.
* Strategic Planning and Policy
a. Advocates for changes in policy through collaboration and the identification of gaps identified by the user of cybersecurity technologies that protect our data and business information systems.
b. Applying knowledge of business and the marketplace to advance the organizations goals.
* Event Management/SIEM Management
a. Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity, and where appropriate, resolve or escalate reported security incidents.
b. Investigate and participate in resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Threat and Vulnerability Management
a. Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.
b. Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure.
c. Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.
d. Monitor security vulnerability information from vendors and third parties.
* Identity and Access Management
a. Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.
b. Oversee Microsoft Azure / Office 365 group licensing assignments and monitor licensing compliance guidelines.
Complexity of Duties
- Concept and business analysis including technical and financial proof of concepts.
- Ability to work with technical groups and provide timely, high quality technical contributions.
- Creates new support processes to better serve Chesterton business changes.
- Wide application of the principles, theories and concepts of business and IT implementation strategies.
- Ability to learn and utilize emerging tools and to keep pace with changes in the industry.
- Ability to define problems, collect data, establish facts, and draw valid conclusions.
Essential Skills
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Strong organizational skills.
- Strong knowledge of business operations and priorities.
- Excellent written, oral, and interpersonal communication skills.
Education and/or Experience
- Minimum of three years of IT or network security experience:
- Bachelor's degree in information systems, or equivalent work experience preferred.
- CompTIA Security+ certification.
Other Skill and Abilities
- Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
- Ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
- Ability to work well under minimal supervision.
- Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel.
- Strong written and verbal communication skills.
- Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.
- Experience in developing, documenting and maintaining security procedures.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is occasionally required to talk, hear and reach with hands and arms. Specific vision abilities required by this job include close and long distance vision. Moderate noise (i.e.: computer printers, traffic) exists daily in the work environment. Must occasionally lift and/or move up to 25 pounds. Ability to travel globally.
All of A.W. Chesterton Company employment is contingent upon successfully passing a background check, drug test, and the respective medical surveillance requirements.
Chesterton is an equal opportunity employer M/F/V/D
#LI-DNI
Job Type: Full-time
Pay: $75,000.00 - $90,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Employee assistance program
- Flexible schedule
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Parental leave
- Professional development assistance
- Referral program
- Retirement plan
- Tuition reimbursement
- Vision insurance
Schedule:
- Monday to Friday
Application Question(s):
- A.W. Chesterton Company is a federal contractor and as such, all employees except those with approved medical or religious exemptions are required to be fully vaccinated on January 4, 2022. Do you understand this requirement?
Work Location: Remote