Information Security Analyst

JOB_REQUIREMENTS

Hires in

Not specified

Employment Type

Not specified

Company Location

Not specified

Salary

Not specified

Job Purpose

Supports the security of Progress Rail’s information technology, operational technology, and locomotive systems, networks, and data.

Req ID

11454BR

City

Albertville

State:

Alabama

Company Description

Progress Rail stands at the intersection of legacy and innovation—driving the future of rail with a pioneering spirit. Since its founding in 1983, the company has grown to become one of the world’s largest and most trusted providers of railroad products, services, and technologies. Today, Progress Rail delivers a comprehensive portfolio of cost-effective solutions to railway customers around the globe. From the rails themselves to the EMD® locomotives that ride them, the company’s products are in operation across more than 100 countries—powering progress and connecting communities. In 2006, Progress Rail joined Caterpillar Inc., further strengthening its ability to lead the rail industry with cutting-edge technology, unmatched expertise, and a commitment to excellence. At Progress Rail, the team is not just building the future of rail—they are making history every day.

Key Job Elements

Responsible for day-to-day cybersecurity operations including vulnerability management, risk assessments, vulnerability remediation plans, threat modeling, incident response, security audits, and cybersecurity related tickets;
Responsible for assisting with the daily support and operations of security software stack such as EDR, DLP, Proxy, SIEM, and other tools;
Responsible for identifying and prioritizing vulnerabilities and risks through use of multiple tools and systems;
Responsible for collaborating with stakeholders and senior leadership to ensure a thorough understanding of all security findings and the risks they pose to the organization. This will require assisting in the research of findings as well as helping to identify and implement remediation plans in a timely manner while ensuring minimal impact to the organization through a defined remediation plan;
Responsible for promoting security awareness through the building of relationships with team member, leaders, and application and asset owners to help build a resilient security program within the organization. This includes mentoring of colleagues as well as acting as a point of contact and technical translator for those that are not well versed in cybersecurity terms, techniques, and processes;
Responsible for creation and tracking or vulnerability remediation plans across multiple organizational units;
Responsible for creating, maintaining, and receiving alerts related to potential security events as well as investigating security events and assisting in determining an appropriate response and corrective actions;
Required to participate in internal security audits, investigations, or other information gathering activities.

Education / Training

Bachelor's degree in cybersecurity, computer science, information security, a related field.

Qualifications and Experience

Demonstrable experience in the area of vulnerability management;
Excellent problem-solving abilities and analytical mindset;
Working knowledge of Linux and Windows operating systems and basic networking skills;
Working knowledge of security risks management, CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), and vulnerability remediation/mitigation;
Strong oral and written communication skills and the ability to work with both teammates and senior leadership with the ability to effectively communicate vulnerabilities, risks & impacts, and mitigations or remediation plans;
Working knowledge of manufacturing environments, industrial control systems, and enterprise IT architecture.

Preferred Skills:

Industry certification such as Security+, Network+, GIAC Security Essentials, GIAC Enterprise Vulnerability Assessor, Certified Ethical Hacker (CEH), Global Industrial Cyber Security Professional (GICSP), CISSP, CISA, or equivalent alternative education, skills, and/or practical experience;
Knowledge of compliance and regulatory program requirements such as ISO 27000, IEC 62443, ISO 30111, NIST, GDPRA, and SOC standards;
Working knowledge of vulnerability management.

Key Words: Cybersecurity, Security Analyst, Security Remediation, Offensive Security, Vulnerability Management, Risk Management, Incident Response, Windows, Linux

Benefits

Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance, and experience. Please note that salary is only one component of total compensation at Progress Rail.**

Competitive Salary
401(k) plan with up to 6% company match (no waiting period with immediate vesting)
Medical/Dental/Vision/Life/Disability Insurance
Supplemental Accident, Critical Care, and Hospital Insurance available along with an HDHP and HSA with seed money
Flexible Spending Accounts
Paid Vacation
Paid Holidays
Paid Time-Off (PTO)
Employee Assistance Plan
Education Assistance Program
Employee Recognition Programs
Site specific Production and Incentive Plans
Site specific Step and Skill Level Wage Adjustment Plans
Site Specific Relocation and Sign-on Bonus Programs

Benefits eligibility varies by job position, full-time/part-time and regular/temporary status. The provisions of the plan documents control such benefits.

**Subject to position, eligibility, and plan guidelines.

EEO

Progress Rail is an Equal Opportunity Employer, including Veterans and Individuals with Disabilities.

Job Category

Information Technology

PRS Facility Location

Albertville, AL (PRSC Corp HQ) - 001

Similar jobs