Cybersecurity Analyst / Engineer
Company: Carpenter Technology
Location: Reading
Posted on: September 21, 2023
Job Description:
Carpenter Technology Corporation is a leading producer and
distributor of premium specialty alloys, including titanium alloys,
nickel and cobalt based superalloys, stainless steels, alloy steels
and tool steels. Carpenter's high-performance materials and
advanced process solutions are an integral part of critical
applications used within the aerospace, transportation, medical and
energy markets, among other markets. Building on its history of
innovation, Carpenter's wrought and powder technology capabilities
support a range of next-generation products and manufacturing
techniques, including novel magnetic materials and additive
manufacturing.CYBERSECURITY ANALYST Location:-- Reading, PA or
Latrobe, PAThe Cybersecurity Analyst --. . .
- Develops in-depth cloud security architecture, design and
coding standards across infrastructure, application and data
security
- Drives a standardized set of cloud security requirements that
align with internal policies and meet external
compliance/regulatory requirements
- Leads adoption of security best practices and common commercial
standards for cloud computing (e.g., NIST, ISO, CIS, COBIT, OWASP,
etc.)
- Advises Operations and Incident Response teams on procedures
and technology necessary to protect the Cloud environment from
cyber-threats and data leakage
- Collaborates with Business, Manufacturing, and IT organizations
to choose appropriate cloud technology solutions and facilitates
complete integration into the company enterprise environments
- Steers IT and Business teams to advance business initiatives
with secure integration of Cloud and Third-party Applications
- Hardens enterprise and cloud architecture from
cyber-attacks
- Advises IT teams with Identity and Access Management (IAM)
including user account provisioning, password vaulting, periodic
access review, PKI and encryption
- Performs risk and vulnerability assessments including network
scans (e.g., Qualys, Rapid 7, etc.) and application security
testing (e.g., HP Fortify, IBM AppScan, etc.)
- Routinely publishes Governance, Risk, and Compliance (GRC)
metrics
- Provides cloud product security related coaching and mentoring
to elevate security expertise of development and operations
teams.
- Perform all other duties and special projects as assigned.
- Requirements for the Cybersecurity Analyst
- Bachelor of Science degree in computer science or related
field
- Security certifications such as CISSP, CISA, CISM, CCSP, GCIH,
GCIA, GSEC and CEH
- Vendor Certification - Microsoft Cybersecurity Architect Expert
or any Microsoft Azure related certification
- Perform other duties and projects as required.Required for the
Cybersecurity Analyst position
- 8-10 years of related hands-on experience with design and
operation of Microsoft Azure Cloud Computing environment (IaaS,
PaaS, and SaaS)
- 5-10 years of related design and operations experience with
Cloud Computing security controls including Identity and Access
Management, Data Protection, Network Security, Logging, and
Vulnerability Management
- Experience leading definition of secure-SDLC (system
development lifecycle) and product security maturity model
- Familiarity with DevOps/Automation tools including AWS
CloudFormation, Ansible, Jenkins, Git
- Experience working with cloud security and governance tools,
cloud access security brokers (CASBs), and server virtualization
technologies
- Familiarity with securing container-centric deployments (Docker
and Kubernetes)
- Working knowledge of common and industry standard cloud app
authentication (OAuth, OpenID, SAML, etc.)
- Experience with deployment orchestration, automation, and
security configuration management (Jenkins, Puppet, Chef,
etc.)
- Familiarity with common web-hacking techniques (e.g., SQL
Injection, XSS, CSRF, malware, phishing, etc.) and effective
counter measures
- Perform cyber-threat modeling, conduct reviews of security
architecture and platform/service designs
- Expert knowledge of multiple security domains and common
security controls
- Hands-on operational experience with common cybersecurity
infrastructure (e.g., Firewalls, Intrusion Detection, AV, MFA, PKI,
Encryption, etc.)
- Security Incident Response handling --
- Requires excellent written and verbal communication skills,
interpersonal skills, project management skills and the ability to
organize and prioritize tasks and make appropriate decisions.
- Willingness to work in a fast paced team based environment with
frequently changing priorities.Carpenter Technology Company offers
a competitive salary and a comprehensive benefits package including
life, medical, dental, vision, flexible spending accounts,
disability coverage, 401k with company contributions as well as
many other options to employees.Carpenter Technology Corporation's
policy is to fully and effectively maintain a program of equal
employment opportunity and nondiscrimination for all employees, to
employ affirmative action for all protected classes, and to recruit
and develop the best qualified persons available regardless of age,
race, color, religion, sex, gender identity, sexual orientation,
marital status, national origin, political affiliation or any other
characteristic protected by law. The Company also will recruit,
develop and provide opportunities for qualified persons with
disabilities and protected veterans.
Keywords: Carpenter Technology, Reading , Cybersecurity Analyst / Engineer, Professions , Reading, Pennsylvania
Didn't find what you're looking for? Search again!
Loading more jobs...