Wheels, Inc. IT Security Analyst in Des Plaines, Illinois
Des Plaines, Illinois
SUMMARY This individual will have primary and focused responsibility to administer, monitor, and report on a range of Information Security systems and associated initiatives defined by the Wheels Information Security Program under the guidance of the Wheels’ Information Security Group. You will be responsible for managing & monitoring various security toolsets and technologies, through defined processes and procedures; report on vendor relationships for outsourced security services; and, collaborate with Infrastructure Operations and Helpdesk on incidents and problems. Additionally, you will be called upon to lead or participate in initiatives to enhance security technology, investigate or eliminate vulnerabilities and security incidents or remediate audit findings.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.
Manage and mature the network vulnerability management program. Specifically, this includes operating our vulnerability scanning tool, reviewing scan results and reports to identify vulnerability risks, work with IT and others to efficiently discuss, prioritize and execute on remediation plans, track remediation activities, develop vulnerability metrics, and expand upon the capabilities of the vulnerability scanning tool.
Assist with the monitoring and investigation of cybersecurity events. Specifically, this includes monitoring alerts (network, endpoints, anti-virus, email, cloud, etc.) from various systems and tools being utilized, investigating such events for any security threats directed at the company, and taking action to minimize such risks.
Participate on various Security Roadmap initiatives and projects which may include: Microsoft Cloud App Security capabilities and limitations (e.g., access rules for third-party vendors and clients as it relates to data management), tuning of Threat Monitoring toolsets, Mobile Device security enhancements, Web Application scanning activities and expansion, etc.
Additional responsibilities include assisting on other company projects and actively conducting cyber research for emerging threats. The person in this position will also assist the operations team responsible for maintaining hardware and software systems by providing analytical guidance on best practices. Special projects and responsibilities may include:
Support the planning and execution of Incident Response Tabletop Exercises
Help with the creation and/or execution of Phishing Campaign exercises
Assist with computer compliance/audit activities
Support Security Exception process activities
Support Security Training activities and compile Security Newsletter information
Collect security metrics for management
Support security scorecard remediation activities
QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Working knowledge and experience with network and application vulnerability management scanning tools like Qualys, Acunetix, etc.
Heavy understanding of Cloud Security best practices, including familiarity with Microsoft’s set of tools and technologies (i.e., Azure, O365, Defender ATP, Advanced Threat Analytics, Cloud App Security, etc.).
Working knowledge of Information Security best practices, including familiarity with ISO 27000 series, SANS, NIST, OWASP Top 10 and/or, COBIT
Working knowledge of some aspects of Infrastructure technology, including networking, servers, storage, logging and security appliances; some hands-on experience would be preferred.
Absolutely trustworthy with high standards of personal integrity, professionalism and accountability to assigned projects and timelines.
Excellent written and verbal communication.
EDUCATION and/or EXPERIENCE
Bachelor’s degree in Computer Science, Information Security or related field of study; or commensurate working experience
3-5 years of work experience in Information Technology and/or Security-related field
CERTIFICATES, LICENSES, REGISTRATIONS
- None required. Applicable security certifications are desirable and strongly encouraged.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- General mobility, including ability to maneuver through difficult spaces such as data centers and facility perimeters
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
General office and remote-working environments
No travel required
Some off-hours work required
Wheels, Inc. was established in 1939 as the world's first automotive fleet leasing and management company. As one of the largest privately-held companies in North America, Wheels features a portfolio of 315,000 vehicles under management across the continent, capabilities in 40 countries worldwide, and a client base that consists of some of the best-known businesses in the world. In addition to vehicle acquisition and leasing, Wheels provides numerous specialized services that help all sorts of organizations manage their fleets. These include driver/vehicle support functions like maintenance management, fuel cards, and registration processing, as well as strategic account-level consultation to drive optimal fleet efficiency and measure results.