Information Security Analyst Jobs

8452BR

PRS Facility Location:

Albertville, AL (PRSC Corp HQ) - 001

Job Purpose:

Information Security is embedded in everything we do at Progress Rail, from the core IT systems used by thousands of Progress Rail employees and business partners deployed on premise or within a cloud provider to the products and machinery that we sell to our customers. Cybersecurity has evolved to be a key consideration in nearly every aspect of our business, and we are seeking the right talent to join the Progress Rail organization to provide strong information security leadership.

Job Purpose:

Supports the security of Progress Rail’s information technology, operational technology, and locomotive systems, networks, and data.

Req ID:

8452BR

Company Description:

Railroads transport goods and people millions of miles every day. At Progress Rail, we believe in going the distance with them. We are looking for talented and innovative team players to address the challenges of the rail industry today, ensuring success for the future. Build a long-term career with opportunities for growth and advancement as part of a vibrant network of close to 200 global locations. Our innovative team members work together to forge the bridge between ideas and success!

As a Caterpillar company, Progress Rail is an integrated rolling stock and infrastructure provider, delivering a full range of products and services to domestic and international railroad customers. Our customers enjoy one-stop shopping and comprehensive railway solutions – whether it rolls on the rail or is the rail itself. From locomotives, transit, freight cars and engines, to tracks, signals and advanced technology, we ensure customers can count on us to meet their needs.

Learn how we keep our customers rolling by following us on Facebook, Twitter, Instagram, YouTube and LinkedIn, and by visiting progressrail.com .

Education / Training:

• Bachelor's degree in cybersecurity, computer science, information security, a related field.

Job Title:

Information Security Analyst

City:

Albertville

Key Job Elements:

• Responsible for day-to-day operations of the vulnerability management program, systems, and processes including maintenance, updates, reporting, scanning, assessments, general security posture, and asset health;

• Responsible for identifying and prioritizing vulnerabilities and risks through use of multiple tools and systems;

• Responsible for collaborating with stakeholders and senior leadership to ensure a thorough understanding of all security findings and the risks they pose to the organization. This will require assisting in the research of findings as well as helping to identify and implement remediation plans in a timely manner while ensuring minimal impact to the organization through a defined remediation plan;

• Responsible for promoting security awareness through the building of relationships with team member, leaders, and application and asset owners to help build a resilient security program within the organization. This includes mentoring of colleagues as well as acting as a point of contact and technical translator for those that are not well versed in cybersecurity terms, techniques, and processes;

• Responsible for creating, maintaining, monitoring and communication of security goals, SLAs, and patch compliance with multiple teams across a diverse environment of Windows and Linux endpoints;

• Responsible for day-to-day operations of the Static application security testing (SAST) and Dynamic application security testing (DAST) environment as well as assisting the development teams with interpretation and triage of identified findings;

• Responsible for creating, maintaining, and receiving alerts related to potential security events as well as investigating security events and assisting in determining an appropriate response and corrective actions;

• Required to participate in internal security audits, investigations, or other information gathering activities.

Qualifications and Experience:

• Demonstrable experience in the area of vulnerability management;

• Excellent problem-solving abilities and analytical mindset;

• Working knowledge of Linux and Windows operating systems and basic networking skills;

• Working knowledge of security risks management, CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), and vulnerability remediation/mitigation;

• Strong oral and written communication skills and the ability to work with both teammates and senior leadership with the ability to effectively communicate vulnerabilities, risks & impacts, and mitigations or remediation plans;

• Working knowledge of secure software development lifecycle programs.

Preferred Skills:

• Industry certification such as Security+, GIAC Security Essentials, GIAC Enterprise Vulnerability Assessor, Certified Ethical Hacker (CEH), Global Industrial Cyber Security Professional, CISSP, or equivalent alternative education, skills, and/or practical experience;

• Knowledge of compliance and regulatory program requirements such as ISO 27000, ISO 30111, NIST, GDPRA, and SOC standards;

• Working knowledge of vulnerability management and triage of identified risks within an application or code with multiple standard program languages such as .NET, C#, C++, Java, PHP, HTML, etc.

Key Words: Cybersecurity, Security Engineering, Security Remediation, Offensive Security, Vulnerability Management, Risk Management, Windows, Linux

EEO:

Equal Opportunity Employer – Race/Color/Sex/Religion/National Origin/Sexual Orientation/Gender Identity/Vets/Disabilities

Benefits:

Progress Rail offers an excellent total compensation package,* including competitive salary, paid time off for vacation and holidays, 401(k) plan with company match, medical/dental/vision/life/disability insurance and flexible spending accounts. Relocation assistance may be available for some positions.

• Benefits eligibility differs by job position and employment status - governing plan documents control such benefits.

Job Category:

Information Technology

State::

Alabama