Benjamin Moore is proud to be a part of Berkshire Hathaway, which was recognized by Fortune magazine as the world's fourth most admired company. And for more than 130 years we've been a respected leader in the architectural coatings and home décor landscape; creating the products and tools that enrich and beautify thousands of communities each day. We recognize that our associates are the driving force behind our success and we strive to provide a work environment where hard work, creativity and purposeful collaboration are fostered and encouraged.
Join a company where innovation is constantly recognized as we look for individuals who produce world-class products, best-in-class services and customer experiences, design pioneering paints using the latest technologies and deliver unparalleled value and brand experiences for our customers and retail network.
As a key member of BMC Security Operations, the Sr. Information Security Analyst will provide technical expertise within the areas of threat management, incident response, and access management. The individual will work with various teams and stakeholders and provide support to the Computer Security Incident Response Team (CSIRT).
The position requires the ability to analyze and interpret security incidents and drive outstanding incidents to closure. Key responsibilities include assisting in the day-to-day operations and monitoring of BMC security applications including Security Incident and Event Management (SIEM) platform, endpoint protection (AV/ Anti-Malware), Data Loss Prevention (DLP), intrusion detection/prevention systems (IPS/IDS), Privileged Access Management (PAM) and other commercial and open-source security systems/applications.
Operations support includes the ability to create formal documentation and provide recommendations for security improvements. This role will require the individual to multitask and serve as a technical point-of-contact for information security-related incidents and access management. The role requires occasional off-hours support and on-call rotation.
- Monitor and or manage various industry-standard security tools (e.g., SIEM, Privilege Access Management, Network Access Control, Endpoint Protection, Data Loss Prevention, IDS/IPS, etc.) to identify potential security-related incidents.
- Conduct vulnerability scans using industry-standard tools such as Rapid7, Qualys, Metasploit, etc.
- Analyze log files from various sources to report and follow-up on any unusual or suspect activities.
- Properly acquire and preserve the integrity of data/evidence required for incident analysis to help determine the impact and the root cause of the incident.
- Follow standard incident response procedures to ensure proper escalation, analysis, and resolution of security incidents.
- Create and utilize incident response playbooks to follow established and repeatable processes for triaging and containment of an incident.
- Work with various stakeholders to ensure appropriate communication, coordination and closure of incidents.
- Actively contribute to the development and oversight of the enterprise security management strategy and framework.
- Participate in and lead product selection, vendor evaluations (Third Party Risk Management), and implementations of security technologies.
- Industry security and systems certifications (CISSP, CEH, GCIH, RHCSA/RHCE, MCSE, CCNA, etc.)
- Hands-on experience with vulnerability management tools, identity and access management, log management web proxies, endpoint protection platforms (AV, EDR, DLP, encryption, etc.)
- Experience with monitoring for policy violations or malicious activity and providing appropriate response and remediation.
- Experience designing, implementing and executing incident response plans and procedures.
- Experience with Microsoft Active Directory a plus.
- Security operations and/or engineering experience in a manufacturing environment desired.
- Basic UNIX/Linux system administration skills (Red Hat Linux, AIX, etc.) desired.
- Basic understanding of database administration (MS SQL, MySQL, Oracle).
- Basic knowledge of scripting (Perl, Bash, Shell, etc.)
- Understanding of PCI and IT SOX regulatory compliance.
- Experience with Operational Technology
Non-Technical Skills: Excellent teamwork skills; written and oral communication skills. Excellent formal documentation skills.
See Job Description