Information Technology Security Analyst

Come join a team where People make the difference!  As a part of Marmon Holdings, Inc., a highly decentralized organization, we rely heavily on people with the aptitude, attitude, and entrepreneurial spirit to drive our success, and we're committed to attracting and retaining top talent.

The Information Technology Security Analyst plays a crucial role in protecting the Metal Services Group companies’ information systems and data from cyber threats. This individual will be responsible for monitoring, analyzing, and responding to security incidents, ensuring that the organization's IT applications and infrastructure are secure, and implementing security measures to protect against potential threats. The Information Security Analyst will work with IT (Information Technology) personnel across the Metal Services Group companies to develop, implement, and maintain cyber security best practices, policies, and standards. This is a remote position and will ideally be located in the Eastern or Central US or Canada

***Candidates must be authorized to work in the United States/Canada for any employer. Sponsorship for work authorization (e.g., H-1B, green card, etc.) is not available.***

Minimum Requirements and Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, related field, or equivalent experience.
• 3-5 years of demonstrable knowledge in the domains of access control; application security; business continuity and disaster recovery planning; information security and risk management; operations security; physical security; security architecture and design; and network security experience in IT security, network security, or a related role.
• Firsthand experience with security monitoring, incident response, and vulnerability management.
• Experience with multi-tenant and international environment
• Experience managing and securing network devices (firewalls, IDS/IPS, etc.) and servers (on-premises and cloud).
• Proficiency in security tools such as SIEM, antivirus, EDR, and vulnerability scanners.
• Strong knowledge of networking concepts, including TCP/IP, routing, switching, and DNS.
• Experience with server management, including Windows Server, Linux, Active Directory, and cloud platforms (e.g., AWS, Azure).
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation and security tasks.
• Certifications preferred: CISSP, CEH, Security+
• Strong analytical and critical thinking skills.
• Excellent communication, strategic thinking, and problem-solving abilities.
• Ability to work independently and as part of a team.
• Strong attention to detail and a proactive approach to security challenges.

Major Responsibility Areas:

Security Monitoring and Incident Response:

• Monitor security alerts, logs, and events across the organization's network,
  servers, and endpoints.
• Investigate and respond to security incidents, including malware infections,
  phishing attempts, and unauthorized access.
• Conduct root cause analysis to determine the origin of incidents and implement corrective actions.

Vulnerability Management:

• Perform regular vulnerability assessments and penetration testing on the organization's IT infrastructure.
• Identify security vulnerabilities in networks, servers, and applications, and work with relevant teams to remediate them.
• Keep up to date with the latest security vulnerabilities and threats

Network Security:

• Monitor network security devices such as firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.
• Implement and enforce network security policies, including access controls and data encryption.
• Collaborate with the network engineering team to design and secure network architectures.

Server Security:

• Ensure the security of on-premises and cloud-based servers, including patch management, hardening, and monitoring.
• Manage and monitor Active Directory, DNS, and other critical server services for security vulnerabilities and threats.
• Conduct regular security audits on server configurations and user permissions

Compliance and Policy Enforcement:

• Align cyber security strategies with corporate policies.
• Ensure compliance with industry standards and regulations (e.g., SPRS, CMMC, GDPR, HIPAA, PCI-DSS).
• Develop, implement, and enforce security policies and procedures.
• Participate in audits and assessments and prepare necessary documentation for compliance purposes.

Security Awareness and Training:

• Administer cyber security awareness training for employees to educate them on best practices and emerging threats.
• Develop and distribute security bulletins, newsletters, and alerts to keep the organization informed of relevant security issues.

Security Projects:

• Lead or participate in security-related projects, such as the implementation of new security technologies or the enhancement of existing security measures.
• Collaborate with cross-functional teams to ensure security is integrated into all aspects of IT projects.
• Perform gap analysis of current environments and evolving security standards.
• Perform cyber security due diligence for acquisitions.

Reporting and Documentation:

• Maintain detailed records of security incidents, vulnerability assessments, and remediation efforts.
• Lead or participate in security surveys as required.
• Report on key performance indicators (KPIs) and metrics to measure the security posture, incident trends, and compliance status for management review.
• Document security procedures, configurations, and policies for internal use.
• Ability to travel to work with teams as needed.

Additional Duties:
• Additional duties as assigned, not determined at the time of hire.
 

If this sounds like you, let's talk!  We are building something cool here, and this is an opportunity you won't want to miss!

COMPANY DESCRIPTION

Marmon Metal Services is a part of Marmon Holdings, LLC under the Berkshire Hathaway Inc., umbrella.   Berkshire Hathaway is a global, diversified industrial organization comprising 11 diverse business groups, and more than 125 autonomous manufacturing and service companies.  Marmon Holdings, Inc. and its subsidiaries employ more than 24,000 people in 18 countries.  Company revenues exceeded $10B in 2023.

Following receipt of a conditional offer of employment, candidates will be required to complete additional job-related screening processes as permitted or required by applicable law.

We are an equal opportunity employer, and all applicants will be considered for employment without attention to their membership in any protected class. If you require any reasonable accommodation to complete your application or any part of the recruiting process, please email your request to careers@marmon.com, and please be sure to include the title and the location of the position for which you are applying.