IT Security Analyst, Vulnerability Management

Cleveland, OH, United States

Sherwin-Williams


The IT Security Analyst, ICS/OT Vulnerability Management performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation and resolution of security concerns detected by those systems.  Key focus areas for this position include supporting Industrial Control Systems/Operational Technology (ICS/OT) Vulnerability Management tools and configurations for the ICS/OT environments.  Secondary tasks may include the development and/or implementation of security solutions, which fit into the S-W security architecture.  The IT Security Analyst, ICS/OT Vulnerability is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

Strategy & Planning
  • Participate in the planning and designing of enterprise ICS/OT vulnerability management architecture, under the direction of the IT Security Manager, where appropriate.
  • Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Manager, where appropriate.
  • Assist in developing and communicating policies, procedures, and plans to management team, staff, partners, customers, and stakeholders regarding technology and industry-specific laws.
  • Stay abreast of emerging cybersecurity threats, technologies, and trends, evaluating their potential impact on organizational security posture.

Acquisition & Deployment

  • Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry standard best practices and the enterprise’s specific security policies and standards.
  • Maintain up-to-date detailed knowledge of the in-place security solutions including awareness of new or revised functions and improved processes.
  • Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

Operational Management

  • Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
  • Maintain operational configurations of all in-place security solutions (such as active or passive vulnerability scanning tools) as per the established baselines.
  • Monitor all in-place security solutions for efficient and appropriate operations.
  • Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
  • Participate in investigations into problematic activity and escalate to the Security Operations Center for assistance as needed.
  • Provide on-call support for end users for all in-place security solutions.
  • Collaborate with IT, security, human resources, and legal to ensure full legal compliance of company policies, procedures, forms, notices, and materials.
  • Advocate company’s compliance policies via regular written and in-person communications. 
  • Ensure that information security measures and equipment adhere to all applicable laws and regulations.

Incidental Functions
  • Monitor security systems and analyze potential threats and vulnerabilities to infrastructure and applications throughout the environment, with a focus on ICS/OT environments in the manufacturing space.
  • Assist in the analysis of security events and alerts to assess, prioritize and differentiate between vulnerabilities, potential intrusion attempts and false alarms.
  • Assist with other projects as may be required to contribute to efficiency and effectiveness of the work that helps the team succeed.

This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.

This position has a hybrid work schedule with three days in the office and the option for working remotely two days.

Job duties include contact with other employees and access to confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships.

Formal Education & Certification

  • Bachelor’s degree (or foreign equivalent) in a Computer Science, Computer Engineering, or Information Technology field of study (e.g., Information Technology, Electronics and Instrumentation Engineering, Computer Systems Management, Mathematics) or equivalent experience.
  • Preferred CISSP, GIAC, CEH, and/or CompTIA Security+ certification
  • Preferred Qualys, Dragos, Vulnerability Management experience 

Knowledge & Experience

  • 1+ year of IT experience.
  • 1+ year of experience in cybersecurity in vulnerability management, incident response or security operations
  • Understanding of ICS/OT systems, protocols, architectures, and technologies (SCADA, PLC, DCS).
  • Strong analytical and problem-solving skills
  • Experience identifying and implementing technical solutions to complex business problems

Experience in one or more of the following areas

  • 1+ year of experience working in Linux and/or Windows environment.
  • 1+ year of experience in networking and a sound understanding of networking models and protocols.
  • 1+ year of experience with scripting languages (Python, shell, etc.), API / programming
  • 1+ year of experience with security technologies (e.g. Windows GPO, Intune MDM, Privileged Account Management, SIEM/logging, EDR/Antivirus, Scripting Languages, Penetration Testing)
  • 1+ year of experience with Vulnerability Management platforms (e.g. Qualys, Nessus, Rapid7, ForeScout ICS, etc.)
  • Understanding of common vulnerability and security frameworks (e.g. CVSS, CVE, CIS, NIST Cybersecurity Framework, ISO 27001, IEC 62443)

Personal Attributes
  • Strong orientation to customer service.
  • Good written, oral, and interpersonal communication skills.
  • Ability to provide security support services to the enterprise.
  • Strong analytical skills.
  • Self-motivated and directed.
  • Team oriented and skilled in working within a collaborative environment.
  • Strong commitment to inclusion and diversity.

Here, we believe there’s not one path to success; we believe in careers that grow with you. Whoever you are or wherever you come from in the world, there’s a place for you at Sherwin-Williams. We provide you with the opportunity to explore your curiosity and drive us forward. Sherwin-Williams values the unique talents and abilities from all backgrounds and characteristics. All qualified individuals are encouraged to apply, including individuals with disabilities and Protected Veterans. We’ll give you the space to share your strengths and we want you to show us what you can do. You can innovate, grow and discover in a place where you can thrive and Let Your Colors Show!

At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute—it matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/. Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.

Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable. Sherwin-Williams is proud to be an Equal Employment Opportunity/Affirmative Action employer committed to an inclusive and diverse workplace. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract. As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans. Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.