• Global IT Security Analyst

    Job ID
    2018-3054
    Location
    US-PA-Glen Mills
    Type
    Full-Time Regular
    Functional Group
    Information Technology
    Business Segment
    Global
    Region
    Americas
  • Overview

    Axalta is a leading global company focused solely on coatings and providing customers with innovative, colorful, beautiful and sustainable solutions.  From light OEM vehicles, commercial vehicles and refinish applications to electric motors, buildings and pipelines, our coatings are designed to prevent corrosion, increase productivity and enable the materials we coat to last longer.  With 150 years of experience in the coatings industry, the 13,000 people of Axalta continue to find ways to serve our more than 120,000 customers in 130 countries better every day with the finest coatings, application systems and technology.  For more information visit axaltacoatingsystems.com and follow us @axalta on Twitter and on LinkedIn.

    Responsibilities

    GLOBAL IT SECURITY ANALYST  

     

     

    The Global IT Security Analyst will work closely with the entire global IT team and all levels of management to ensure that cyber security services are provided as outlined.  The role will also work closely with the Portfolio Management teams, partners and customers as needed. This role reports to the Global IT Security Manager and will be located in Glen Mills, PA.
     

    ESSENTIAL JOB FUNCTIONS:

     

    • Conduct internal, external and 3rd party IT audits, risk assessments, and vulnerability scans.
    • Liaise with other governance functions such as physical Security/Facilities, Internal Audit, IT, HR, Legal, and Compliance.
    • Respond to computer security incidents, in-depth computer and network investigations. Assist in or lead incident response to a successful completion.
    • Oversee installation, upgrades, and configuration of Information Security software. Make sure issues are properly coordinated, tracked, monitored and resolved globally.
    • Be an Information Security subject matter expert (SME) that’s part of an information security center of excellence; offering internal management consultancy advice and practical assistance on information security risk and control matters.
    • Drive for consistent deployment of information security policies, standards, procedures, guidelines and training.
    • Assess Information Technology technical controls, policies and procedures for control gaps. Recommend and support deployment of mitigations design on business need and risk.
    • Develop new and improve existing technical documentation.
    • Work as a team player.
    • Perform Security Risk Assessments, identifying gaps and recommending mitigating controls.
    • Develop and present project related material (e.g. to key stakeholders, peers, etc.).
    • Support an Application Security program working closely with the DevOps, application development and QA teams.
    • Maintain documentation related to the Application Security program including the development of secure coding policies, procedures and standards, modification of the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
    • Pursue understanding of application security requirements early-on and incorporate into secure code development practices.
    • Maintain knowledge of new security trends and technologies.
    • Support the assessment and acquisition of application security tools and technologies.
    • Attend design and application architectural reviews to establish expertise and assimilate knowledge of the environment. 

     

    #LI-GM1


    Qualifications

    • Bachelor’s degree in Computer Science / Information Security or related field.
    • CISSP or Associate certification required, CISA, CRISC a plus.
    • A minimum of three (3) to five (5) years’ experience in Information Security and/or Technical projects, including experience leading large global projects.
    • Experience with Cyber Security related technologies and large enterprise implementations.
    • Practical knowledge of Information Security Management Systems and compliance standards as ISO 27000, SOX and PCI.
    • Understanding of key security services, such as Internet Content Filtering, Remote Access, Firewalls, IDS/IPS, Virus Protection, AAA (including 2Factor), Digital Certificates and PKI.
    • Understanding of Public Cloud services.
    • Must possess strong and demonstrated organizational, communication, and negotiation skills.
    • Must be able to lead multi-disciplined project teams through project lifecycle (planning-development-implementation-closeout).
    • Demonstrated knowledge in project packages, detailed project plans, project risk identification and mitigating strategies.
    • Must be able to demonstrate field presence during the planning and installation phases of the project.
    • Must have experience   with multi-national corporations.
    • Must be able to travel internationally periodically.
    • Must understand the concepts of Authentication, Authorization and Accounting.
    • Technical knowledge of Microsoft Windows environments (Windows 7-10.x, Server Platform) as must, MacOS a plus.
    • Understanding of Risk and the need for risk based reviews and controls.
    • Understanding TCPIP and basic network technologies, advanced knowledge is a plus.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed