Academic Background, Address Management, Amazon Web Services (AWS), Analysis Skills, Automation, Bash Scripting, Best Practices, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Architecture, Cloud Computing, Communication Skills, CompTIA Security+, Computer Science, Computer Security, Consulting, Cross-Functional, Customer Relations, Data Processing, Documentation, Establish Priorities, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), International Information Systems Security Certification Consortium (ISC)2, Internet Security, Leadership, Legal Reports, Manufacturing, Microsoft Windows Azure, Multitasking, Oracle, Presentation/Verbal Skills, Privacy Controls, Problem Solving Skills, Process Improvement, Risk, Security Information and Event Management (SIEM), Security Monitoring, Security Patches, Service-Oriented Architecture (fka Distributed Object Architecture), Signal-to-noise Ratio (SNR), Software Patches, Time Management, U.S. National Institute of Standards and Technology (NIST), Windows PowerShell, Writing Skills
As a member of BISSELL's Privacy and Cybersecurity team, the Associate Cybersecurity Analyst will act as a valuable contributor to the implementation and support of our global organization’s cybersecurity infrastructure. The role will contribute to successful project deployments, exceeding customer expectations, and providing ongoing support and maintenance security tools, with a focus on reliability and security of the BISSELL digital systems and services. Finally, this position also plays a hands-on role in detecting, escalating, and responding to privacy and cybersecurity incidents.
The Associate Cybersecurity Analyst will be a crucial advocate for the advancement of positive, ethical principles and conduct aligned with the organization’s Core Values.
This role requires an excellent communicator and technically minded individual that is passionate about cybersecurity, cloud computing, data protection, and tackling complex problems across a diverse set of colleagues and stakeholders.
This role sits within legal and reports to the Director, Privacy & Cybersecurity.
Responsibilities:
Major Duties, Accountabilities, and Responsibilities
- Collaborate cross-functionally: Collaborate with various IT and business stakeholders to implement security controls promptly, minimizing business disruption.
- SIEM / Log Monitoring: Monitor, triage, and investigate alerts in the organization’s SIEM and respond thoughtfully considering organization’s priorities and availability of resources.
- Vulnerability and Patch Management: Identify, remediate, advise, monitor, and report on security patch management. Address lapses and consult with system custodians on appropriate controls.
- Cloud security posture management: Monitor the organization’s cloud security posture and work with IT and other business stakeholders to implement best practices across the organization’s Azure, AWS, and Oracle cloud environments.
- Incident Response: Monitor security incidents, advise on incident response processes, triage incidents by severity, and escalate severe events as per incident response plans.
- Documentation: Create and maintain cybersecurity response documentation, incident playbooks, and internal processes.
- Problem Solving: Demonstrate creative problem solving, conflict resolution, and critical thinking skills. Provide business-focused and risk-balanced solutions to challenges faced by the business.
- Prioritization and Multitasking: Successfully prioritize work, meet deadlines, and manage multiple tasks independently.
- Process Improvement: Continuously identify areas for improvements in processes, including tuning security alert rules to improve signal-to-noise ratio for false positives.
- Continuous Learning: Stay updated on current technologies and global trends and risks through ongoing training and knowledge maintenance.
Qualifications:
REQUIRED EXPERIENCE/EDUCATION:
Education: Bachelor’s degree (or equivalent) in cybersecurity, information technology, or computer science, with coursework focused on data protection or cybersecurity or related field.
Experience: 1 year of experience in a Cybersecurity or related role, with strong academic background and understanding of modern data processing environments, service-oriented architectures, cloud computing technologies and relevant cybersecurity, data protection, and privacy standards.
SPECIALIZED TRAINING/EDUCATION PREFERRED:
- Certifications demonstrating relevant cybersecurity or data protection knowledge (e.g. ISC2 CC, CompTIA Security+, CEH, CISSP, or CISM)
- Experience in a global, consumer-facing, or manufacturing organization.
- Basic scripting (Bash and/or PowerShell) for automation
- Knowledge of MITRE ATT&CK or NIST frameworks
SKILLS REQUIRED:
- Strong and demonstrated written and oral communication skills
- Ability to exercise sound judgement, problem solve and make decisions in complex situations.
- Proven ability to take ownership, self-motivate, and deliver results in sometimes ambiguous situations.
- Experience working with large, enterprise-wide technology implementations that impact multiple business functions.
- Excellent written and verbal communication skills with the ability to present complex information in a clear and concise manner to leadership.
WHAT'S NEXT, APPLY NOW!
BISSELL is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, ethnicity, disability, religion, national origin, gender, gender identity, gender expression, marital status, sexual orientation, age, protected veteran status, or any other characteristic protected by law.