Senior Cybersecurity Analyst
A Career at Rheem: Where Comfort Is Your Calling
At Rheem, we are dedicated to bringing comfort to people's lives. As a leading global manufacturer of heating, cooling and water heating equipment, we are innovating new ways to deliver just the right temperature while saving energy, water, and supporting a more sustainable future. It is an exciting challenge that requires a team of talented, passionate people with a diverse set of skills. From engineers to accountants, sales professionals to support experts, we depends on people to power our innovations. Join our team and help shape the future of products that impact lives-every day.
Senior Cybersecurity Analyst 1
Certifications: CISSP, CISM, or CEH
The Senior Cybersecurity Analyst 1 is required to coordinate computer security incident activities involving various lines of business and operational groups. This is an opportunity to design, build, and optimize a security infrastructure for a stable and mature business.
Responsibilities will encompass multiple aspects of cybersecurity including assisting the shaping of security innovation and the evolution of Rheem's Enterprise Security Architecture and functions, reviewing and tracking detected incidents, identify new exploits and/or threats, develop mitigation strategies, enforcing incident-reporting standards, identify the necessary actions required to investigate and contain threats involved in an IT Security incident, and implementing and managing many security tools for cyber hygiene.
Implement key security programs including:
Security Planning and Implementation
Security advisements on key business initiatives
- Assisting with tactical cybersecurity plans
- Security assessments
- Vendor risk assessments
Enterprise Security Architecture & Cyber Hygiene
Assist with Cybersecurity tool design & implementation
- Selection and implementation of security tools
- Managing and administration of Cybersecurity tool
- Monitoring and response of Cybersecurity compliance
- Managing overall Cyber hygiene activities
- Assist with Network and physical security
Security incident response and investigation
Managing security event analysis
- Managing security incident response & remediation
- Assisting root cause analysis of both security incidents & tool
- Security policy awareness
- Emergency response
This position regularly communicates with middle management regarding security practices and procedures, and demonstrates strong technical abilities, problem-solving skills and contributes to a team-oriented environment. The Senior Cybersecurity Analyst works with outside vendors and internal departments to provide the highest level of security and support to the company.
Required Education & Experience:
A degree in IT and/or Business from an accredited college or university or comparable experience. Advanced degrees are preferred in Computer Science, IT, and/or related disciplines
Minimum 3-6 years of experience in a hands-on role managing processes including supervising and leading IT governance, security, or network infrastructure.
- Management of Cisco firewalls.
- Proficiency implementing and administering multiple cybersecurity tools.
Endpoint Protection (Cisco AMP, Cylance, Tanium, Cisco Umbrella, etc)
- Email Secuirty (Cisco Ironport, Office 365, Agari, etc)
- Event Monitoring & Incident Response (Forescout, Darktrace, Exabeam, etc)
- Access Management (MS Azure, OKTA, Duo)
Familiarity with 2 factor authentication products
- Preferred experience in an organization with network security and ERP systems such as Oracle EBS, SAP, etc.
- Preferred to have Certified Information Systems Security Professional (CISSP) certification
Provides security controls, processes and technical advisory support to business units and projects by working cross-functionally to develop and implement strategies and solutions that balance security recommendations with business needs.
- Serves as one of the primary information security interface to collaborate with business representatives, systems development and business users for establishing business requirements, information security functional requirements, security solution options and implementation plans.
- Assist in the development and implementation of network security and segmentation requirements
- Monitors and analyze computer networks for security threats and develop response procedures. Additional duties may include developing and testing software deployment tools, firewalls and intrusion detection systems
- Supervises record maintenance for all incident response activities.
- Develops and contributes to incident response framework, requirements and strategy.
- Develops and maintains standard operating procedure (SOP) documentation.
- Analyzes threats and vulnerabilities to determine their impact to Rheem's operations.
- Establishes and maintains cohesive working relationships with team members, management, key strategic business partners, and vendors.
- Conducts Investigations and eDiscovery efforts involving court-proven forensic processes and technologies.
- Conducts post-mortem evaluations on cyber security incidents and lead table-top incident response exercises.
- Assists in Rheem's response and mitigation of major security incidents including clear and concise communications to management, regulators, and auditors.
- Acquires and applies expert knowledge of the business, its products and processes.
- Analyses and root cause identification; develops and recommends business solutions impacting the enterprise.
- Coordinates compliance programs and communications with Auditors
- Preferred expertise in regulatory compliance including expertise in at least one compliance framework such as HIPAA, HITRUST, PCI, etc.
- Able to compartmentalized problems and solve them methodically and tracked them to completion.
- Performs other duties as assigned by manager.
Strong analytical and product management skills required, including a thorough understanding of how to interpret security needs and translate them into application and operational requirements.
- Ability to demonstrate successful implementation techniques based on industry established best practices.
- Balance business risk with the appropriate strategic security solution to protect the company from threats that lead to untenable risk
- Must be available to work outside of normal working hours or on- call within rotation or as needed.
- Applicant must be willing to travel 10% of the time and outside of the United States if necessary.
Must be proficient in writing documentation, preparing audit recommendations, and answering security questionnaires.
- Must demonstrate exceptional communication skills by conveying necessary information accurately, listening effectively and asking clarifying questions when needed.
- Outstanding verbal and written communications skills with all levels of management, staff, vendors and resellers.
Rheem is an Equal Opportunity Employer
Notice to Third Party Recruitment Agencies:
Please note that Rheem and its subsidiaries do not accept unsolicited resumes from recruiters or employment agencies. In the absence of an executed Recruitment Services Agreement, there will be no obligation to any referral compensation or recruiter fee.
In the event a recruiter or agency submits a resume or candidate without an agreement, Rheem and its subsidiaries shall explicitly reserve the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, will become the property of Rheem.
Back to top