SR Security Analyst

Information Technology IRONDALE, Alabama


Description

Position at Motion Industries

Sr.  Security  Analyst

Supports the GPC and Motion Industries Enterprise Security Strategies. Supports the Information Protection strategic projects which includes many tools that require implementation and support on a variety of platforms 

Scope

  • Support of the Security Operations Center (SOC)
  • SOC requires daily review of reports, incidents and responses to security incidents and support tickets
  • Provide Support for investigating email spoofing, phishing and other attempts to exploit Motion employees
  • Ensures compliance with organizational security rules and standards
  • Ensure compliance with internal application security controls
  • Conduct research to keep abreast of latest security issues
  • Prioritize remediation of gaps based on internal and external audits
  • Prepare security and compliance reports by collecting, analyzing, and summarizing data
  • Support execution of vulnerability testing for application systems and the network environment
  • Support of the enterprise vulnerability management program
  • Complete projects as assigned on time and within budget 

Key Accountabilities

  • Proactively review and improve SOC alerts and reporting
  • Proactively review our environment to determine if there are any gaps in our SOX, PCI or security controls
  • Using installed tools and services identify security vulnerabilities
  • Take action to ensure reported vulnerabilities are remediated in a timely manner as approved by management
  • Work with other staff members as needed to remediate security weaknesses & vulnerabilities
  • Complete assigned projects in coordination with system owners for security tools
  • Implement security controls as approved by management
  • Research email, website and network connections to determine risk and mitigation plans
  • Customer Service
  • Review controls to prevent service impacts cause by unauthorized access
  • Interaction
  • Daily communication with all IT departments
  • Communication with management anytime a control exception or security incident is identified
  • Outstanding oral and written communication skills
  • Safety and Health
  • Supports company safety and health programs
  • Have a clear understanding of emergency procedures and responsibilities 

EDUCATION AND EXPERIENCE

  • Minimum of five (5) years of experience in information technology
  • Experience with a variety of security tools including Splunk, iboss, Qualys, Nessus,DLP, Joe Sandbox and others
  • Experience and security knowledge with Linux, Windows, WAN Technologies, Web technologies
  • Knowledgeable in the use of MS Office Software suite
  • 4-Year college degree required or 2 year college degree with certifications in security practices
  • Strong analytical, technical, and problem solving skills
  • Willing to share knowledge and assist others in understanding technical and business topics
  • Willingness to work outside of regular business hours as required which can include evenings, weekends, and holidays
  • Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Ability to interpret information security data and processes to identify potential compliance issues
  • Ability to quickly understand security systems in order to identify and validate security requirements 

Skills and Capabilities

  • Experience in performing vulnerability scans and assessments as well as computer forensics
  • Knowledge of Information Security best practices and common processes
  • Knowledge of Windows and Linux vulnerabilities and exploits
  • Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment
  • Ability to perform network protocol analysis and raw data capture
  • Knowledge of OWASP and PCI-DSS a plus
  • Self-motivated, self-directed and shows attention to detail while working
  • Works ethically and with integrity supporting organizational goals and values
  • Completes work in a timely manner and meets deadlines
  • Contributes to building a positive team spirit and treats others with respect
  • Maintains confidentiality of information and uses information appropriately
  • Exhibits sound judgment when making decisions and recommendations
  • Fosters collaboration toward a common vision and shared goals
  • Must communicate effectively

 

 

 

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.