Senior Information Security Analyst

Position: Senior Information Security Analyst

Location: Cleveland, OH

Duration: Full-time

Salary: DOE

About the role

Reporting directly to the Director of Information Security, you'll play a vital role in maintaining a secure environment through incident response, threat hunting, security assessments, and enhancing IT inventory controls. This is an excellent opportunity to work on innovative security initiatives and collaborate with global teams to protect and empower global operations.

Key Responsibilities

• Cybersecurity Initiatives: Collaborate with Division and Global teams to execute key initiatives of the Division Information Security Plan.
• Incident Response: Investigate and resolve cybersecurity incidents in partnership with Network, Infrastructure, and the Global SOC team.
• NIST CSF Assessments: Lead the NIST Cybersecurity Framework (CSF) assessment process, identifying gaps and implementing solutions.
• Pen Testing & Vulnerability Management: Manage penetration testing and vulnerability remediation, offering consulting support to infrastructure teams.
• Project Security Support: Drive security efforts for major initiatives, including Power BI and ERP system upgrades, ensuring comprehensive security measures.
• IT Supply Chain Security: Oversee vendor assessments and improve controls for SAAS and application inventory processes.
• Thought Leadership: Stay ahead of trends in IAM, SASE, and Zero-Trust, contributing innovative solutions to the security landscape.
• Cybersecurity Awareness: Support the rollout of impactful training programs for IT staff and end users in collaboration with the Director.
• Performance Monitoring: Develop, monitor, and maintain KPIs and SLAs to measure and ensure peak security performance.
• Policy Development: Enhance policies and procedures to continuously improve cyber defenses across Division and Global teams.

Qualifications

• Education & Experience:
• Bachelors Degree in a relevant field.
• 6+ years of experience in information security.
• Certifications:
• CISSP, CCSP, CISM, or similar certifications are highly desirable.

• Technical Expertise:
• Prior experience in IT Systems Administration with a focus on security.
• Deep knowledge of cybersecurity frameworks and standards such as NIST, ISO, SOC2, GDPR, HIPAA, and PCI.
• Hands-on experience with penetration testing, vulnerability assessments, and remediation coordination.
• Proficiency in application and development security (SecDevOps, secure SDLC), infrastructure/network security (NGFW, SASE, Zero-Trust, EDR), and cloud security (Azure, AWS, Google).