[Close] 

Security Analyst

JOB SUMMARY:
The Security Analyst has advanced knowledge of industry practices for securing organization networks and hardware. The Information Security Analyst is responsible for the management and administration of security perimeter and internal network devices, security applications, and related hardware. This role is responsible for supporting the daily security operations and administration of the enterprise firewalls across the organization's various global locations. The role involves planning, designing, and implementing new security technologies. This role will provide hands-on technical leadership and will manage enterprise-wide projects from initiation to completion. The Security Analyst will partner with the IT Security Manager and leaders in other business units/operational areas to define security requirements.
DUTIES & RESPONSIBILITIES:
Manage and own the Cisco Network Security design, configuration, and tuning of Cisco security appliances.
Configure and actively manage ASA Firewalls including: NAT, ACL configuration, Next-Gen features, HA configurations, multi-context, transparent mode.
Manage and monitor global perimeter network security including: Cisco SourceFire / FireSight / AMP.
Manage, monitor, and drive complex security focused deployment of Splunk while working side by side with the customers to solve their unique problems across a variety of use cases.
Configure and maintain enterprise VPNs including: site to site, remote access client, IPSec, IKE, tunnel modes, SSL/clientless/AnyConnect, Tunnels between Firewalls, Routers.
Perform security service administration including: Intrusion Detection/Intrusion Prevention Systems, SPAM Filtering, Web Filtering, etc.
Perform and/or coordinate fixes from vulnerability findings, system/application vulnerability assessments, network security architecture reviews, and risk assessments.
Implement and support Network Access Control (NAC) and RSA across the organization.
Follow established standards, policies, and configuration guidelines. Develop and document new standards and procedures for the team to review while ensuring compliance with FBHS corporate security policies.
Assist in managing on-call incident escalation, off-hours maintenance work for incidents, emergency change requests, and general maintenance.
Serve as primary technical lead in support of enterprise IT incident response events by conducting and coordinating detailed forensics and related tasks.
Prepare reports that document security breaches, including the extent of the damage caused by breach.
Recommend security enhancements to management / senior IT Staff.
Provide education to users when they need to install or learn about new security products and procedures.
Analyze and identify security risks/vulnerabilities while developing solutions to risks.
VALUES:
Demonstrates INTEGRITY
WORKS AS A TEAM
Takes OWNERSHIP
ACTION - biased
Fosters a WINNING spirit
KEY COMPETENCIES:
Strategic Mindset: Ability to see future possibilities and translate them into strategies
Drives Vision and Purpose: Paint a compelling picture of the vision and strategy that motivates others
Business Insight: Apply knowledge of business and the marketplace to advance the organization's goals
Collaborate: Build partnerships and work collaboratively with others to meet shared objectives
Communicate Effectively: Develop and deliver multi-mode communications that convey a clear understanding of the unique needs of different audiences
Instill Trust: Gain the confidence and trust of others through honest, integrity and authenticity
Customer Focus: Build strong customer relationships and deliver customer-centric solutions
Organizational Savvy: Maneuver comfortably through complex policy, process and people related organizational dynamics
Build Effective Teams: Build strong identity teams that apply diverse skills and perspectives to achieve common goals
Drive Engagement: Create a climate where people are motivated to their best to help the organization achieve its objectives
Drives Results: Consistently achieves results, even under tough circumstances
Decision Quality: Make good and timely decisions that keep the organization moving forward
Plans and Aligns: Plan and prioritize work to meet commitments aligned with organizational goals
Ensures Accountability: Holding self and others accountable to meet commitments
RequirementsQUALIFICATIONS:
REQUIREMENTS, EDUCATION AND EXPERIENCE:
BS in Computer Science, Computer Engineering, Mathematics or related field preferred with 7-10 years applicable experience in the industry.
3+ years' experience with Cisco ASA security engineering and/or security operations.
3+ years of hands on experience with security monitoring tools such as IDP/IDS, FW and AV (Cisco IDS, Snort, Palo Alto, Checkpoint, Cisco ASA, McAfee, Symantec).
Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) required as well as a background in scripting/programming (e.g., Python, Ruby, Java, JS, etc.).
Experience with Splunk, Qualys, or other related SIEM/Vulnerability tools a plus.
Experience with security frameworks and standards such as ISO 27001 and NIST Cybersecurity Framework.
Demonstrated success as a technical leader within IT security handling highly complex projects.
Ability to thrive in a fast paced environment, while utilizing good judgement in order to resolve complex issues and challenges.
Self-starter who takes ownership for all work while being able to prioritize projects and customer requests.
Make oneself available 24x7 to handle any off-hour system emergencies.
Security certifications are a definite plus.
The Master Lock Company is an equal opportunity employer. Applicants are considered for positions without regard to race, color, national origin, ancestry, religion, sex, sexual preference, age (40 and over), disability, genetic information, military or veteran status, citizenship or any other characteristic protected by applicable federal, state or local law. The Master Lock Company also prohibits harassment of applicants or employees based on any of these protected categor

. Apply now!

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.