MSC Industrial Supply Co. is a leading North American distributor of metalworking and maintenance, repair, and operations (MRO) products and services. The Information Security Administration II position is responsible for detecting and assessing security events and incidents, managing corporate firewalls, and collaborating with technical teams to enhance security measures.
Monitors security incident and event management (SIEM) and logging environments for security events and alerts to potential (or active) threats, intrusions, and/or compromises
Assists with triage of service requests from customers and internal teams
Escalates cyber security events according to MSC Incident Response Plan
Assists with containment of threats and remediation of environment during or after an incident
Documents event analysis and writes comprehensive reports of incident investigations
Collaborate with technical teams to identify, resolve, and mitigate events
Participate in security projects, collaborating with IT peers to implement security tools and processes
Administer systems which provide security services within the MSC network and Windows environment: Antivirus, IDS/IPS, deception technology, SIEM, Patching, vulnerability scanning, etc.
Ability to parse large volumes of data and identify malicious activity within proxy, firewall, and network data.
Monitor the company’s networks for security breaches and investigate any that occur.
Research the latest in information technology security trends to keep up to date with the subject and use the latest technology to protect information.
Identify new ways to combine disparate cyber security data to create new detections and alerts.
Understand and appropriately use development skills to automate processes when appropriate.
Participate in technical and non-technical projects requiring information security oversight to ensure policies, procedures and standards are followed.
Provide responses and action plans to external security assessments
Recommend security improvements and coordinate with systems owners to implement
Develop reports and metrics for management and remediation teams
Partner with Risk and Internal Audit Compliance teams
Consult with different teams on strategic initiatives as well as highly technical projects that have regulatory concerns
Evaluate project initiation documents
Ensure representation in change management meetings
Knowledge and use of security tools, Vulnerability scanning, File Integrity Monitoring, Firewalls, SSL Certificate management, etc.
Understanding of current threats and exploits to include experience with threat remediation
Identifies new security threats by conducting penetration testing, log analysis and vulnerability assessments; evaluates, recommends, and performs procedures used to mitigate risks.
Participates in the development of software and network security procedures and guidelines on information security.
Assess the impact caused by theft, destruction, alteration, or denial of access to critical information and services.
Fosters the MSC Culture in the department and throughout the company to ensure fulfillment of MSC’s vision and unity of purpose.
Participates in special projects and performs additional duties as required.
Qualification
Required
Bachelor’s Degree in related field and/or 2-4 years of experience in Information and Network Security, 6 years overall IT experience
Web-application firewall (WAF) and corporate firewall management experience
Strong technical, analytical, interpersonal, communication and writing skills.
Basic understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
Willing to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule
Experience with malware analysis
Must have experience writing technical documentation
Strong understanding of front-end, middleware, backend of applications.
Expert knowledge of using Microsoft Office.
Ability to build strong Partner relationships with peer technology groups and supported Line of Business
Strong interpersonal skills.
Ability to manage multiple tasks in parallel.
Thorough understanding of large-scale environments
Situational Analysis
High sense of ethics
Process-oriented individual with strong attention to detail, and strong organizational skills.
Excellent, detail-oriented writing skills.
Ability to maintain the highest level of confidentiality
Excellent interpersonal, written, and oral communication skills
Good knowledge of system hardening and secure configuration
A desire for continuous improvement.
A valid driver’s license and the ability to travel up to 5% of the time are required.
This position may require access to International Traffic in Arms Regulations Information (“ITAR”) and/or Controlled Unclassified Information (“CUI”).
Preferred
CISSP, CISM, CISA, Security+ or other major Information Security certification is preferred
Benefits
Dynamic healthcare plans
Generous 401K and stock purchasing programs
Tuition reimbursement opportunities
Paid time away for holidays, vacations, and illness