Senior IT Security Analyst

The Senior IT Security Analyst core function is to support the IT Security Manager in achieving IT goals. These goals are interrelated with the business goals of the company. Assignments at this level require both advance managerial and technical abilities. This position coordinates projects with their initiation, development, and solution of problems with the interdepartmental and interdivisional related systems. Must clearly demonstrate above standard IT Security competence or exceptional effectiveness in one phase of the field.

Essential Functions Strategy & Planning

• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Manager, where appropriate.

• Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the IT Security Manager, where appropriate.

• Develop and communicate policies, procedures, and plans to executive team, staff, partners, customers, and stakeholders regarding technology and industry-specific laws.

Acquisition & Deployment

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

Operational Management

• Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.

• Participate in investigations into problematic activity.

• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.

• Collaborate with IT, security, human resources, and legal to ensure full legal compliance of company policies, procedures, forms, notices, and materials.

• Maintain a strong awareness of legislative changes or amendments in order to ensure ongoing and future compliance.

• Advocate company’s compliance policies via regular written and in-person communications.

• Ensure that information security measures and equipment adhere to all applicable laws and regulations.

• Monitor Sherwin-Williams assets, network, and data ensuring the prevention of events that negatively impact confidentiality, availability, and integrity.

• Investigate suspicious activity and execute containment efforts in the event malicious activity is discovered.

• Participate in security incident response efforts by maintaining an in-depth knowledge of common attack vectors, common security exploits, and countermeasures. Responds to all information security relevant events (hacker intrusions, virus infections, denial of service attacks, etc.)

• Develop, refine, and maintain IT Security response playbooks and response plans.

• Provide feedback on detection indicators and intruder tactics, techniques, and procedures.

• Mentor and provide direction to junior analysts, conduct additional triage on escalations from those analysts

• Evaluate threats from state actors, non-state actors, cyber criminals and activists.

• Identify adversary’s activities, including attribution, tactics, techniques and campaigns.

• Champion use of processes, standards, governance, and disciplined execution.

• Evaluate and use advanced Incident Response products and services to improve efficiency and effectiveness of incident response

•  Lead projects to enhance SOC capabilities.

•  Collaborate with business, peers, and vendors to drive robust prevention, detection, and remediation methodologies.

• Analyze potential threats and recommend remediation activities required based on security objectives and knowledge of overall risk of asset.

• Reviews and optimizes indicators of compromise (IOCs) and event rules.

• Researches the current threat landscape to adapt Sherwin-Williams defense strategy and tactics.

Incidental Functions

• Development of new computer and network security systems, including both hardware and software.

• Provide security analysis and consultation services for product, system and network architecture designs.

• Assist with other projects as may be required to contribute to efficiency and effectiveness of the group.

• Participate in hiring activities and fulfilling affirmative action obligations and ensuring compliance with the equal employee opportunity policy.

• 10% travel as required.

• Work outside the standard office 7.5 hour workday as required with on-call availability.

Position Requirements

Formal Education & Certification

• Bachelor degree or foreign equivalent in related field or equivalent experience.

• Preferred CISSP, GIAC, CEH, or CompTIA Security

Knowledge & Experience

•  5 years IT experience.

• Minimum 2 years of experience in cyber security incident response and security operations

•  2 years of experience with security technologies (e.g., IPS, IDS, DNS, proxies) and detection

techniques.

• Experience evaluating cyber threats.

• Understanding of common threats, penetration/intrusion techniques and attack vectors.

• Experience identifying and implementing solutions to complex business problems.

Preferred Experience in any combination of the following Security areas.

• Experience with application vulnerability assessments and vulnerability remediation.

• Experience with application penetration assessment and testing.

• Experience in digital forensics and malware analysis.

• Experience with Security and Information and Event Monitoring (SIEM) products such as Splunk and/or Qradar.

Personal Attributes

•  Ability to set and manage priorities.

•  Strong written and oral communication and interpersonal skills.

•  Ability to present ideas in business-friendly and user-friendly language.

•  Highly self-motivated and directed.

•  Keen attention to detail.

•  Strong analytical, evaluative, and problem-solving abilities.

•  Strong service orientation.

•  Team-oriented and skilled in working within a collaborative environment.

Must be legally authorized to work in country of employment without sponsorship for employment now

or in the future.

Equal Opportunity Employer. All qualified applicants will receive consideration for employment and

will not be discriminated against based on race. color, religion, sex, sexual orientation, gender

identity, national origin, protected veteran status, disability, age, pregnancy, genetic

information or any other consideration prohibited by law or contract.

VEVRAA Federal Contractor requesting appropriate employment service delivery systems, such as state

workforce agencies and local employment delivery systems, to provide priority referrals of

protected

veterans.