Cyber Security Analyst
DFW Airport, Texas, United States
Full Time Entry-level / Junior USD 60K+
Reports to: Americas Cybersecurity Manager
Salary: $60,000.00
Location: Grapevine, TX
Overview
Menzies Aviation is an independent, time-critical logistics specialist serving the airline industry. At more than 250 locations in 60 countries, Menzies Aviation offers landside and airside services tailored to customers’ needs; timed to their schedules; and delivered by teams with the knowledge, tools, and passion to set standards rather than chase them.
Confidentiality, integrity, and availability of its business systems are critical to the successful day-to-day operation of Menzies and the achievement of its strategic goals. Reporting to the Americas Cybersecurity Manager, you will be responsible for proactively identifying, reporting, and managing cyber risk.
A key function of this role is to maintain security requirements in adherence to industry requirements and regulations such as TSA or NIST. This function includes a focus on fueling operations cybersecurity for information technology and operational technology systems, and providing reports to the Americas Cybersecurity Manager, with responsibility for reporting the deliverables of this role to the SVP Fuels Americas and the Chief Information Security Officer.
Main accountabilities include:
Continuous improvement of Menzies's overall operational cyber security posture by:
- Managing critical Security Operations, ensuring events and incidents are responded to effectively, playbooks are followed and opportunities for improvement are identified and actioned.
- Ensuring the security architecture is implemented and functioning across the estate and providing the expected detection and prevention capabilities.
- Scoping and managing the annual mandatory external testing of cyber security controls on key production systems. Reporting the findings to the relevant stakeholders and managing the required mitigations.
- Analyze and prioritize cyber threat intelligence and disseminate actionable information to the relevant IT teams and system owners to proactively mitigate emerging vulnerabilities.
- Ensure the relevant training and communications materials, informed by current threat intelligence, are available to promote a ‘Cyber Aware’ culture within the business.
- Collaborate with other departments such as IT, Development, legal, and Human Resources to ensure that cybersecurity measures are understood and implemented.
- Monitor, measure and advise on the cyber controls of third-party suppliers.
- Supporting the management and operation of a Vulnerability Management Program. Managing the relevant processes to ensure oversight of the cyber security posture, working with the relevant teams to remediate known vulnerabilities, and reporting monthly to the Chief Information Security Officer quantifying the risk and the progress of remediation.
- Keep abreast of regulations affecting cybersecurity (e.g., GDPR, CA CCPA) and ensure the company’s adherence to these and other relevant standards.
Maintain cyber governance by:
- Understanding contractual and regulatory cyber compliance requirements to implement the appropriate controls.
- Update and maintain documentation for business units to meet cybersecurity regulations.
- Performing risk assessments for new systems, significant changes, current processes, projects, and integrations, updating the risk register with findings, and proposing an appropriate remediation plan.
Other responsibilities include:
- Management of cyber risk by working with business and IT stakeholders to understand processes, inform on current cyber risk and manage this to an acceptable level.
- Host/lead annual tabletop exercises to maintain awareness of cybersecurity incident response and update response plans.
- Prioritize security updates based on regulatory requirements (e.g. CISA Known Exploited Vulnerabilities Catalog).
- Supporting responses to audit requests to regulatory agencies and airlines, and subsequent clarifications.
- Working with business and IT stakeholders to define metrics and reporting strategies that effectively communicate the value of the security program.
- Monitor and respond to potential cybersecurity incidents, advise whether events are attributable to an IT incident or a cybersecurity incident, and complete regulatory reporting as required.
- Consult with IT and system owners to ensure that their cyber security requirements are factored into the evaluation, selection, installation, and configuration of hardware, applications, and software. Identifying areas for potential improvement.
- Monitoring and reporting on compliance with security policies, as well as the enforcement of policies within the IT department.
- Other cybersecurity responsibilities that are covered by this position
Safety, Security, and Compliance
ALL Employees have a responsibility and duty whilst at work to:
- Take reasonable care for the health and safety of themselves and of others who may be affected by their actions or omissions whilst at work.
- Co-operate with their manager/supervisor in order to allow them to perform or comply with any legal requirements imposed on the company.
- Not intentionally or recklessly interfere with or misuse anything provided by the company in the interests of health, safety, or welfare reasons.
- Inform their manager/supervisor of any work situation, equipment, or activity that represents a serious or immediate danger to health and safety.
- Report any hazards, near misses, incidents, accidents or dangerous occurrences to their manager/supervisor, who will then follow the procedures contained in this manual.
- Carry out work in accordance with information and training provided and any specific workplace health and safety rules or procedures.
- Fully understand the company's health and safety policy.
- Attend training courses as may be arranged by the Company.
- Engage with MORSE and follow our code principles.
Qualifications and Experience
- Education: A degree in IT or cybersecurity is preferred
- Professional Certifications: Relevant certifications such as CISSP, CISA, CEH, Security+, or others are highly valued.
- Ability to manage and support a security operations team.
- Ability to manage the performance of third-party service delivery partners.
- Ability to communicate effectively to a range of audiences.
- Degree in an IT or cyber security discipline, or equivalent experience and relevant qualifications.
- Knowledge of common information security management frameworks, such as International Standards Organization (ISO) 27001, the IT Infrastructure Library (ITIL), or the National Institute of Standards and Technology Cybersecurity Framework.
- Awareness of regulations affecting cybersecurity (e.g., CA CCPA, GDPR) and able to evaluate regulations for implementation.
- Understanding of networks, systems, applications, and Cloud technologies.
- Familiarity with the principles of cryptography.
- Knowledge of security testing.
- Experience working and learning within a fast-moving, changeable environment with new technology/services/infrastructure/priorities and working practices (processes).
- Excellent organizational, planning, and administrative skills and a good eye for detail.
- Highly analytical with the ability to influence, challenge, and implement change.
- Experience in dealing with work of a confidential and sensitive nature.
Perks/benefits: Career development Team events