Founded in 1866, The Sherwin-Williams Company is a global leader in the manufacture, development, distribution, and sale of paints, coatings and related products to professional, industrial, commercial, and retail customers. The company manufactures products under well-known brands such as Sherwin-Williams®, Valspar®, HGTV HOME® by Sherwin-Williams, Dutch Boy®, Krylon®, Minwax®, Thompson’s® Water Seal®, Cabot® and many more. Sherwin-Williams® branded products are sold exclusively through a chain of more than 4,100 company-operated stores and facilities, while the company’s other brands are sold through leading mass merchandisers, home centers, independent paint dealers, hardware stores, automotive retailers, and industrial distributors. The company supplies a broad range of highly-engineered industrial and OEM coatings for wood and general industrial, coil, packaging, protective and marine, and transportation applications worldwide. Our 60,000 employees are diverse, innovative and passionate. With a variety of rewarding and challenging opportunities, Sherwin-Williams is a great place to find a career that takes you places.
The Senior IT Security Analyst focused on Windows Server performs two core functions for the enterprise. The first is the day-to-day operation of the in-place endpoint and server security solutions, while the second is the identification, investigation and resolution of security concerns detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, guidelines, and procedures, as well as conducting vulnerability assessments. The Senior IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by policies, procedures and guidelines and to actively work towards upholding those goals.
Strategy & Planning
Participate in the planning and design of enterprise Windows Server security architecture, under the direction of the IT Security Manager, where appropriate.
Participate in the creation and maintenance of enterprise security documents (policies, standards, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.
Develop and communicate policies, procedures, and plans to the executive team, staff, partners, customers, and stakeholders regarding technology and industry-specific laws.
Acquisition & Deployment
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors regarding the Windows Server platform.
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions, in accordance with standard best operating procedures in general and the enterprise’s security documents in particular.
Maintain up-to-date baselines for the secure configuration and operations of security tools and server platforms in use within the organization, with a primary focus on Windows Server.
Maintain operational configurations of all in-place security solutions as per the established baselines.
Monitor all in-place security solutions for efficient and appropriate operations.
Review logs and reports of in-place systems, with a focus on systems maintained by Information Security and Windows Server systems that are maintained outside of Information Security. Interpret the implications of that activity and devise plans for appropriate resolution.
Participate in investigations into problematic activity, with a focus on Windows Server.
Participate in the design and execution of vulnerability assessments and security audits.
Provide on-call support for in-place security solutions.
Collaborate with IT, security, human resources, and legal to ensure full legal compliance of company policies, procedures, forms, notices, and materials.
Maintain a strong awareness of legislative changes or amendments in order to ensure ongoing and future compliance.
Advocate company’s compliance policies via regular written and in-person communications.
Ensure that information security measures and equipment adhere to all applicable laws and regulations.
Participate in investigations and resolve or identify solutions to address security concerns.
Assist in development and implementation of technical security policies, with a focus on the Windows Server platform.
Assist with the development of new security tools and standards, including both hardware and software.
Assist in the analysis of security, OS, and application logs and alerts to assess, prioritize and differentiate between potential security incidents and normal behavior.
Assist with other projects as may be required to contribute to efficiency and effectiveness of the work that helps the team succeed.
Participate in hiring activities, fulfilling affirmative action obligations, and ensuring compliance with the equal employment opportunity policy.
Formal Education & Certification
Bachelor's degree or foreign equivalent in related field or equivalent experience.
Preferred CISSP, GIAC, or CompTIA Security+ certifications.
Knowledge & Experience
5+ years IT experience.
5+ years of experience with Windows Server management technologies and associated management systems (Active Directory, Group Policy, WSUS).
3+ years of VMware, Hyper-V, or associated virtualization technologies experience.
Experience with Windows Server 2012 and knowledge of Windows Server 2016.
Experience with the WSUS platform and patch remediation.
Experience administering Antivirus products (McAfee specifically a plus).
1+ year PowerShell scripting experience.
Proven experience in planning, organizing, and developing IT security technologies.
Experience identifying and implementing secure solutions to complex business problems.
Experience evaluating cybersecurity threats.
Understanding of common threats, penetration/intrusion techniques and attack vectors.
Understanding of various endpoint and server operating systems, including Windows Server 2012 & 2016, Windows 7 & 10, macOS, iOS, UNIX, Linux, etc.
Experience in one or more of the following areas:
Experience supporting endpoint security solutions, such as McAfee, Symantec, Sophos, etc.
Experience with Windows virtualization-based security capabilities, such as Device Guard or Credential Guard.
Experience utilizing cybersecurity industry standards such as CIS or NIST to develop secure operating system standards for Windows OS.
Understanding of CVSS, CVE, CWE, CPE, CCE, OVAL, SCAP and/or other standards.
Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Qualys, Nessus, or Metasploit.
Experience with virtualization and containerization platforms such as VMware, VirtualBox, Hyper-V, Docker, and/or Rancher.
Experience with utilizing SIEM solutions (Splunk, QRadar, ArcSight, LogRhythm, etc.) to search system logs for troubleshooting or security investigation purposes.
Experience with cloud infrastructure, such as AWS or Azure.
Strong analytical and problem-solving abilities.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Strong written, oral, and interpersonal communication skills.
Ability to conduct research into IT security issues and products as required.
Ability to present ideas in business-friendly and user-friendly language.
Highly self-motivated and directed.
Keen attention to detail.
Team-oriented and skilled in working within a collaborative environment.
10% travel is required.
Work outside the standard office 7.5-hour workday may be required with on-call availability.
Must be legally authorized to work in country of employment without sponsorship for employment visa status now or in the future.
Equal Opportunity Employer. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, citizenship status, marital status, or any other consideration prohibited by law or contract. VEVRAA Federal Contractor requesting priority referral of protected veterans.