Information Security Specialist Jobs

Job Purpose

This will be a hybrid role at our global Corporate headquarters in Reading, Pennsylvania. Schedule will be 3 days in office, 2 days remote.

Candidate must be a US Citizen or Permanent Resident (Green Card)

The Information Security Specialist is responsible for safeguarding information system assets by identifying and resolving security problems and threats. Collaborate within an expanding Information Security team, and work closely with internal EnerSys teams to ensure new and continued compliance with cybersecurity frameworks and required programs and initiatives.

Essential Duties and Responsibilities

• Review department policies and procedures related to security regularly and update as needed
• Work with third party security providers and evaluate new and existing products
• Mature the simulated phishing campaign program based on active threats reported by users
• Lead vulnerability management, incident response, threat intelligence, event management, and SOC operations utilizing various controls and systems
• Organize and maintain vulnerability remediation metrics and report on the progress of each group regularly
• Keep current on the latest intelligence, including hackers’ methodologies, in order to anticipate security breaches
• Review and respond timely to business requests for client surveys, questionnaires, and technical questions related to security framework and compliance
• Track vulnerabilities within the operating systems, platforms, third party and internal applications; keeping detailed records of the status of each vulnerability and EnerSys’ risk exposure
• Upgrade systems by implementing and maintaining security controls
• Report regularly on the status of existing vulnerabilities within the enterprise to help colleagues and stakeholders accurately assess risk
• Maintain disk encryption program
• Leverage automated tools to perform regular authenticated and unauthenticated scans of on-premise and cloud environments
• Work with IT colleagues and business stakeholders to ensure remediation efforts adhere to corporate standards and policies
• Perform other duties as assigned
• Review security vulnerabilities and prioritize remediation based on potential business impact
• Support compliance initiatives such as ISO 27001, SOX, NIST 800-171, and CMMC
• Identify opportunities for process and technical security improvements in the environment
• Maintain technical knowledge by attending educational workshops, reviewing publications, and networking with industry colleagues

Qualifications

• CompTIA Security+ or similar certifications is preferred
• Cloud Computing (AWS & Azure) experience preferred. TRAVEL REQUIRED: Up to 10%
• Understanding of a variety of technical concepts such as: networking, systems administration, application development, cloud computing and information security best practices. Intermediate skills in a scripting language such as PowerShell, SQL queries.
• A degree in a technical field (Computer Science, Cyber Security) is preferred but not required
• Two or more years of practical experience in an information technology role
• Strong analytical critical thinking skills
• Previous experience working in large scale environments with diverse technologies

#CRP

General Job Requirements