Sr. I.T. Security Analyst - Erlanger, KY
Archer Daniels Midland
I.T. Senior Security Analyst – Decatur, IL; Erlanger, KY
This is an exempt level position.
Position Summary:
The Information Technology Senior Analyst is a member of the Security Engineering team and be responsible for ensuring the security of information systems assets, to protect systems from intentional or inadvertent access or destruction.
Job Responsibilities:With minimum supervision review firewall and proxy requests and evaluate for adoption to ensure that they conform to current security best practices and current security policy.Ability to assess business and technical requests and evaluate the risk to ensure effective and pragmatic security mitigations are in place or work with requestor to provide remediation requirements to meet the business objectives.Represent the Global Information and Cyber Security (GICS) function in change and incident processes, evaluate for adoption to ensure that they conform to current security best practices and current security policy.Involve security analyst and engineer peers in circumstances where there is uncertainty in the approach or decision evaluating Service Now tickets, particularly Incident and Change requests.Clear understanding of the Global Technology (GT) and GICS policies and procedures maintained on the GT Policies and Standards web site.Establish and continually evolve the ongoing processes and procedures for Global firewall and proxy change requests.Use ticketing system for documenting and processing requests and incidents in which Global Information and Cyber Security (GICS) are involved.Use existing tools and procedures to verify IT infrastructure and applications are compliant to GT Policy; apply network & server administration skills and knowledge to guide system level administrators in IT Policy complianceArticulate impact and requirements of GT assets as it relates to requests and involve more senior level team members at appropriate times for recommendations on approval decisions.Manage and maintain the Vulnerability Remediation program (Patch Champion)Coordinate and facilitate the GICS Vulnerability Management workgroupConduct and interface with Attack Surface Management team on assessments and administrative audits on computer systems and network devices as part of request and approval process.Schedule, coordinate, and track the remediation of open vulnerabilities for assets owned by Global Information and Cyber Security.Coordinate the assignment of vulnerabilities for assets owned by Global Information and Cyber Security applications and tools to the respective teams for resolution.Provide the monitoring of metrics and performance indicators for the vulnerability remediation program, including reports to the appropriate management and team members.Provide support and guidance for Cyber Security Analysts on the team.Support Global Technology and Cyber Security projects and initiatives in the development of solution processes and procedures as requested by Security Engineering.Assist overall Global Technology and Cyber Security functions as directed.Must display enthusiasm and interest in IT SecurityOther Specific Job Tasks
ITSM – Service and Incident Request tasksSIEM (ArcSight) monitoring and queriesVulnerability Item reviewsNew software request – software sandboxingProvide guidance for users to identify when vulnerability, policy, or risk exceptions are identified during project/initiative technical reviews and SNOW ticket reviewsNetwork Security – New and ChangeFirewallProxyAzure Requests – New and Change reviewsFrontdoorAzure App GatewayAzure listenersNSGWAFNGFWOther Global Technology and Cyber Security TasksDashboard Development & UpdatesChange request review and scheduling for CAB presentationsAttendance and support for CAB meetingAttendance and support for Cross Functional meetingPerform Application vetting (Business and OT)Support ArcSight Security Engineer with the following:Review open tickets with Managed Services providerDevelop connector scripts to support data ingestion to collectorsPerform testing and validation for issue troubleshooting and resolutionCoordinate and support application upgrades and patchingJob Requirements:Two year degree in an IT related field or equivalent IT work experience3+ years’ experience in Information Security4+ years’ experience in Information TechnologyGeneral networking concepts (Cisco or Palo Alto firewall experience a plus)Excellent oral and written communications skillsAbility to translate technical information to business languageFunctional experience in ITIL processesFunctional experience in Service Desk platformsMaintain to exceed Service Level Objective and Service Level Agreements with customers, partners, and stakeholdersAbility to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforceExpected to work occasional nights, weekends, holidays, and overtimeExpected to perform on-call dutiesAbility to respond to critical incidents while on-call and as requiredStrong sense of professionalism and ethicsExcited about this role but don’t think you meet every requirement listed? We encourage you to apply anyway. You may be just the right candidate for this role or another one of our openings.
ADM requires the successful completion of a background check.
REF:95990BR
This is an exempt level position.
Position Summary:
The Information Technology Senior Analyst is a member of the Security Engineering team and be responsible for ensuring the security of information systems assets, to protect systems from intentional or inadvertent access or destruction.
Job Responsibilities:With minimum supervision review firewall and proxy requests and evaluate for adoption to ensure that they conform to current security best practices and current security policy.Ability to assess business and technical requests and evaluate the risk to ensure effective and pragmatic security mitigations are in place or work with requestor to provide remediation requirements to meet the business objectives.Represent the Global Information and Cyber Security (GICS) function in change and incident processes, evaluate for adoption to ensure that they conform to current security best practices and current security policy.Involve security analyst and engineer peers in circumstances where there is uncertainty in the approach or decision evaluating Service Now tickets, particularly Incident and Change requests.Clear understanding of the Global Technology (GT) and GICS policies and procedures maintained on the GT Policies and Standards web site.Establish and continually evolve the ongoing processes and procedures for Global firewall and proxy change requests.Use ticketing system for documenting and processing requests and incidents in which Global Information and Cyber Security (GICS) are involved.Use existing tools and procedures to verify IT infrastructure and applications are compliant to GT Policy; apply network & server administration skills and knowledge to guide system level administrators in IT Policy complianceArticulate impact and requirements of GT assets as it relates to requests and involve more senior level team members at appropriate times for recommendations on approval decisions.Manage and maintain the Vulnerability Remediation program (Patch Champion)Coordinate and facilitate the GICS Vulnerability Management workgroupConduct and interface with Attack Surface Management team on assessments and administrative audits on computer systems and network devices as part of request and approval process.Schedule, coordinate, and track the remediation of open vulnerabilities for assets owned by Global Information and Cyber Security.Coordinate the assignment of vulnerabilities for assets owned by Global Information and Cyber Security applications and tools to the respective teams for resolution.Provide the monitoring of metrics and performance indicators for the vulnerability remediation program, including reports to the appropriate management and team members.Provide support and guidance for Cyber Security Analysts on the team.Support Global Technology and Cyber Security projects and initiatives in the development of solution processes and procedures as requested by Security Engineering.Assist overall Global Technology and Cyber Security functions as directed.Must display enthusiasm and interest in IT SecurityOther Specific Job Tasks
ITSM – Service and Incident Request tasksSIEM (ArcSight) monitoring and queriesVulnerability Item reviewsNew software request – software sandboxingProvide guidance for users to identify when vulnerability, policy, or risk exceptions are identified during project/initiative technical reviews and SNOW ticket reviewsNetwork Security – New and ChangeFirewallProxyAzure Requests – New and Change reviewsFrontdoorAzure App GatewayAzure listenersNSGWAFNGFWOther Global Technology and Cyber Security TasksDashboard Development & UpdatesChange request review and scheduling for CAB presentationsAttendance and support for CAB meetingAttendance and support for Cross Functional meetingPerform Application vetting (Business and OT)Support ArcSight Security Engineer with the following:Review open tickets with Managed Services providerDevelop connector scripts to support data ingestion to collectorsPerform testing and validation for issue troubleshooting and resolutionCoordinate and support application upgrades and patchingJob Requirements:Two year degree in an IT related field or equivalent IT work experience3+ years’ experience in Information Security4+ years’ experience in Information TechnologyGeneral networking concepts (Cisco or Palo Alto firewall experience a plus)Excellent oral and written communications skillsAbility to translate technical information to business languageFunctional experience in ITIL processesFunctional experience in Service Desk platformsMaintain to exceed Service Level Objective and Service Level Agreements with customers, partners, and stakeholdersAbility to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforceExpected to work occasional nights, weekends, holidays, and overtimeExpected to perform on-call dutiesAbility to respond to critical incidents while on-call and as requiredStrong sense of professionalism and ethicsExcited about this role but don’t think you meet every requirement listed? We encourage you to apply anyway. You may be just the right candidate for this role or another one of our openings.
ADM requires the successful completion of a background check.
REF:95990BR
Por favor confirme su dirección de correo electrónico: Send Email
Todos los trabajos de Archer Daniels Midland