Cybersecurity Analyst – Governance, Risk and Compliance
Coca-Cola Canada Bottling Limited
Cyber Security
IT Security Analyst
Marmon Holdings, Inc.
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $96,000 - $144,000 per year
Job Level
Mid-LevelSenior
Tech Stack
Cyber SecurityFirewallsVMware
About the role
- Proactive management and monitoring of existing cyber tools (e.g. Qualys, SentinelOne, Abnormal, Proof Point, Bitsight, Delinea, Artic Wolf, etc.)
- Ensure business compliance with Marmon Standard Practice Instructions (e.g. IT-010, IT-020, IT-030, and IT-040) and work closely with businesses to address any gaps in compliance
- Implement security policies and procedures to protect the organization's IT infrastructure and data
- Lead initiative to ensure defense businesses are CMMC compliant and ensure business compliance with any other Security and Operations policies such as PCI-DSSs, ISO 27001, GDPR, CCPA, NIST, ITAR, and other regional security / privacy regulations
- Coordinate all security activities with Marmon Corporate and other Marmon Group IT teams
- Collaborate with other IT teams to ensure the organization's IT infrastructure is secure and compliant with industry standards and regulations
- Provide oversight across all security technologies such as firewalls, access points, antivirus software, intrusion detection systems, and other security tools
- Train employees on IT security best practices and raise awareness about cyber threats
- Ensure that third-party risk assessments are completed for all service providers and that each service provider shares a SOC 2 Type 2 report stating they achieved Trust Service Principles compliance
- Participate in IT audits and IT assessments to evaluate the effectiveness of the organization's security program
- Assist businesses in managing computer assets, ensure cybersecurity tools installed on assets, and ensure plans in place to replace or upgrade end of life systems
- Assist businesses in managing domain registrations and ensuring strong controls in place for SPF, DKIM and DMARC
- Conduct risk assessments to identify potential threats or vulnerabilities and develop mitigation strategies
- Collaborate with businesses to create incident response and disaster recovery plans
- Monitor security events to detect and investigate potential security breaches or threats
- Manage security incidents, including containment, investigation, and recovery
- Prepare reports and presentations for management to communicate security posture and risks
- Stay up to date with the latest security trends and technologies and evaluate how they may affect the organization's security posture
- Travel to businesses periodically to work with local IT teams (estimate about 10%)
Requirements
- Bachelor's or a degree in Computer Science, Information Technology, or a bachelor’s degree and job experience in security, and information technology
- Relevant industry certifications such as Network Security, Sec+, DR, CISSP, CISM, or CISA
- At least five years of experience in IT security, and experience in providing desktop/network support
- Strong knowledge of security technologies, such as firewalls, antivirus software, intrusion detection systems, offensive pen testing, defensive pen testing, and other security tools
- Familiarity with industry standards and regulations such as ISO 27001, CCPA, GDPR, and CIS
- Experience in developing and implementing security policies and procedures
- Excellent communication skills, including communicating technical information to non-technical stakeholders
- Ability to work independently and in a team environment
- Strong analytical and problem-solving skills
- Ability to maintain confidentiality and work with sensitive information
- Experience with zero trust architecture and implementing zero trust principles
- Willingness to work outside normal business hours when required
- Preferred: Previous experience in a highly decentralized and disparate technology environment
- Preferred: Systems integration experience
- Preferred: Mergers and acquisition experience
- Preferred: Experience with Microsoft, Cisco, Palo Alto, VMware, Hyper-V, Qualys, SentinelOne, Abnormal Security, Artic Wolf, and other leading security tools
Benefits
- Comprehensive benefits package that may include medical, dental, vision, 401k matching, and more!
- Diverse learning and working opportunities
- Remote work option (Remote - United States of America)
- Fostering a culture where everyone’s empowered to be their best
ATS Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
IT securitysecurity policiesrisk assessmentsincident responsedisaster recoveryzero trust architectureoffensive pen testingdefensive pen testingnetwork supportcompliance management
Soft skills
communication skillsanalytical skillsproblem-solving skillsindependent workteam collaborationconfidentialitytraining and awarenessproactive managementpresentation skillsadaptability
Certifications
CISSPCISMCISASec+Network SecurityDR
