Analyst Principal-Cyber Security
The Senior Security Analyst will be responsible for assessing cyber security risk and facilitates remediation of identified vulnerabilities across the Westlake computing environment including desktops, servers, printers, and network infrastructure equipment. Provides advanced technical direction and in-depth assistance resolving Cybersecurity vulnerabilities.
DUTIES AND RESPONSIBILITIES
May include, but are not limited to, the following:
- Ensure the Company Complies with Cybersecurity policies and procedures
- Maintain and update documented Cybersecurity policies and procedures
- Work with IT Management & Auditors to coordinate and conduct security audits, risk assessment & analysis
- Performs vulnerability assessments as assigned utilizing Cyber Security tools and methodologies
- Performs assessments of the cyber security/risk posture within the IT network, systems and software applications.
- Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios.
- Research attempted security breaches and rectify security weaknesses
- Administer Vulnerability Management, Firewalls, SIEM, Endpoint Security, Intrusion Prevention Devices, Network Access Control Systems, Internet Filtering systems, Phishing exercise product, etc.
- Provides weekly project status reports, including outstanding issues.
- Daily activities include: Reviewing various monitoring tools, reporting findings at daily status meeting, Monitoring security information sources for recent incidents and threats.
- Monthly activities include: Scanning network for vulnerabilities, Recommend critical security patches and Privileged user access reviews
EDUCATION, EXPERIENCE AND QUALIFICATIONS
- Bachelor’s degree in computer related field and/or 7 years or more of practical Cybersecurity experience.
- CISSP required. Other security certifications a plus
- Manufacturing, Chemical company or Industrial Control System experience is a plus
- Cloud Security is a plus
- Several years of hands on experience with Windows and enterprise security product administration, including AV/EDR, next gen firewalls, industry standard vulnerability scanning and reporting products
- Excellent understanding of the latest security exploits
- Strong knowledge of network and server architecture and protocols
- Able to resolve security issues using a network monitor to observe traffic at the packet level
- Full understanding of the OSI model
- Familiar with the NIST Cybersecurity Framework
- Scripting is required
- UNIX (HP-UX or Linux) knowledge is a plus
- Able to work weekends/evenings for maintenance and emergency work as needed
- Always on call for security incidents
- Strong oral and written communication skills
- Strong analytical and problem solving skills
- Ability to multi-task and work well under pressure
While performing the duties of this job, the employee is frequently required to sit; stand; walk; use hands to touch, handle, or feel; reach with hands and arms; and talk or hear. The employee is occasionally required to stoop, kneel, or crouch. The employee must regularly lift and/or move up to 10 pounds, frequently lift and/or move up to 25 pounds, and occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
The noise level in the work environment is usually moderate as normally based in an office. Some of the work may be required in the operating units which can require usage of required PPE including safety glasses, hearing protection, etc. May also result in exposure to outside elements and may require usage of stairs and elevators. Travel including air travel or auto travel may occasionally be required.