IT Security Analyst, Vulnerability Management
Cleveland, OH, United States
Sherwin-Williams
The IT Security Analyst, ICS/OT Vulnerability Management performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation and resolution of security concerns detected by those systems. Key focus areas for this position include supporting Industrial Control Systems/Operational Technology (ICS/OT) Vulnerability Management tools and configurations for the ICS/OT environments. Secondary tasks may include the development and/or implementation of security solutions, which fit into the S-W security architecture. The IT Security Analyst, ICS/OT Vulnerability is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.
Strategy & Planning
- Participate in the planning and designing of enterprise ICS/OT vulnerability management architecture, under the direction of the IT Security Manager, where appropriate.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Manager, where appropriate.
- Assist in developing and communicating policies, procedures, and plans to management team, staff, partners, customers, and stakeholders regarding technology and industry-specific laws.
- Stay abreast of emerging cybersecurity threats, technologies, and trends, evaluating their potential impact on organizational security posture.
Acquisition & Deployment
- Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry standard best practices and the enterprise’s specific security policies and standards.
- Maintain up-to-date detailed knowledge of the in-place security solutions including awareness of new or revised functions and improved processes.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Operational Management
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
- Maintain operational configurations of all in-place security solutions (such as active or passive vulnerability scanning tools) as per the established baselines.
- Monitor all in-place security solutions for efficient and appropriate operations.
- Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
- Participate in investigations into problematic activity and escalate to the Security Operations Center for assistance as needed.
- Provide on-call support for end users for all in-place security solutions.
- Collaborate with IT, security, human resources, and legal to ensure full legal compliance of company policies, procedures, forms, notices, and materials.
- Advocate company’s compliance policies via regular written and in-person communications.
- Ensure that information security measures and equipment adhere to all applicable laws and regulations.
- Monitor security systems and analyze potential threats and vulnerabilities to infrastructure and applications throughout the environment, with a focus on ICS/OT environments in the manufacturing space.
- Assist in the analysis of security events and alerts to assess, prioritize and differentiate between vulnerabilities, potential intrusion attempts and false alarms.
- Assist with other projects as may be required to contribute to efficiency and effectiveness of the work that helps the team succeed.
This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.
This position has a hybrid work schedule with three days in the office and the option for working remotely two days.
Job duties include contact with other employees and access to confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships.
Formal Education & Certification
- Bachelor’s degree (or foreign equivalent) in a Computer Science, Computer Engineering, or Information Technology field of study (e.g., Information Technology, Electronics and Instrumentation Engineering, Computer Systems Management, Mathematics) or equivalent experience.
- Preferred CISSP, GIAC, CEH, and/or CompTIA Security+ certification
- Preferred Qualys, Dragos, Vulnerability Management experience
Knowledge & Experience
- 1+ year of IT experience.
- 1+ year of experience in cybersecurity in vulnerability management, incident response or security operations
- Understanding of ICS/OT systems, protocols, architectures, and technologies (SCADA, PLC, DCS).
- Strong analytical and problem-solving skills
- Experience identifying and implementing technical solutions to complex business problems
Experience in one or more of the following areas
- 1+ year of experience working in Linux and/or Windows environment.
- 1+ year of experience in networking and a sound understanding of networking models and protocols.
- 1+ year of experience with scripting languages (Python, shell, etc.), API / programming
- 1+ year of experience with security technologies (e.g. Windows GPO, Intune MDM, Privileged Account Management, SIEM/logging, EDR/Antivirus, Scripting Languages, Penetration Testing)
- 1+ year of experience with Vulnerability Management platforms (e.g. Qualys, Nessus, Rapid 7, ForeScout ICS, etc.)
- Understanding of common vulnerability and security frameworks (e.g. CVSS, CVE, CIS, NIST Cybersecurity Framework, ISO 27001, IEC 62443)
- Strong orientation to customer service.
- Good written, oral, and interpersonal communication skills.
- Ability to provide security support services to the enterprise.
- Strong analytical skills.
- Self-motivated and directed.
- Team oriented and skilled in working within a collaborative environment.
- Strong commitment to inclusion and diversity.
Perks/benefits: Career development Health care Team events