Information Security Analyst - Houston, United States - Floworks International LLC

    Floworks International LLC
    Floworks International LLC Houston, United States

    1 month ago

    Default job background
    Description

    Job Description

    Job Description

    FloWorks is a leading specialty distributor of critical flow control products and provider of tailored technical solutions for MRO-focused applications. The company serves customers across chemical, downstream refining & renewables, high purity & sanitary, and other industrial end markets. FloWorks' product categories include valve & automation, corrosion resistant flow control, rotating equipment, flanges, filters & purifiers, and instrumentation. Privately held company headquartered in Houston, Texas.

    Summary of Responsibilities

    The Information Security Analyst will contribute to developing and maintaining the information security strategy for the business. Through the supervision of the Manager of Information Security and the guidance of the VP of IT, the analyst will confirm adherence to the NIST / CMMC framework, focusing on safeguarding information assets and addressing security risks in alignment with industry-specific compliance and regulatory requirements. Responsibilities encompass assisting security activities to guarantee the availability, integrity, and confidentiality of company, employee, and customer information following industry standards. The analyst is tasked with identifying, evaluating, implementing, and maintaining streamlined processes to enhance the department's security operations. Additional duties include assisting in creating and maintaining security policies, procedures, standards, and training documentation, along with managing the utilization and maintenance of tools within the security department's purview. The analyst actively contributes to adhering to and maintaining key performance indicators (KPIs). They also collaborate with team members within the sub-department, contributing to recruitment, interviews, training, development, and performance evaluations in line with industry best practices. Keeping abreast of emerging threats and technologies, the analyst's responsibility is to confirm the company's cybersecurity posture while maintaining compliance with industry standards and protocols.

    Duties/Responsibilities:

    • Monitor day-to-day operations and IT infrastructure to identify and assess security risks, vulnerabilities, and potential incidents.
    • Confirm compliance with internal and external security policies, working collaboratively with departments to minimize security risks.
    • Collaborate with different departments to proactively reduce security risks across the organization.
    • Implement approved technologies to safeguard the company against existing and emerging threats.
    • Advocates adherence to NIST and CMMC frameworks, contributing to the maturity advancement of security practices.
    • Respond promptly and effectively to security incidents, following established protocols.
    • Facilitate the company's security awareness program, addressing user non-compliance and failures.
    • Contribute to creating, maintaining, and testing incident response, business continuity, and disaster recovery plans based on NIST/CMMC standards.
    • Adhere to access management practices and contribute to necessary improvements.
    • Provide accurate and timely reporting on the status of the company's security program, including scans, assessments, and incidents.
    • Recommends areas for improvement and new processes to enhance operational efficiency.
    • Collaborate closely with business stakeholders to confirm support functions align with organizational needs.
    • Maintains documentation of all processes to safeguard the company's information and systems.
    • Collaborate with other IT sub-departments to document and review disaster recovery objectives annually, ensuring alignment with business impact analysis.
    • Support the integration of security processes during mergers and acquisitions within the security sub-department.
    • Assisted or led in various IT projects as required.
    • Undertake any other duties the Manager of Information Security assigns to support the business.

    Qualifications:

    • Bachelor's degree in computer science, IT, or a related field
    • 2+ years of experience in Information security management
    • Solid technical background demonstrating knowledge in cybersecurity tools, web security, network security, vulnerability management, incident response, and more.
    • Hands-on with problem-solving attitude in a customer service-oriented role.
    • Strong communication skills, with the ability to work effectively across departments.
    • Certifications that are a plus: CISSP, CISA, GSEC, Security+

    This information indicates the general nature and level of work performed by associates in this role. It is not designed to contain a comprehensive inventory of all duties, responsibilities, and qualifications required of associates assigned to this role. This description supersedes any previous or undated descriptions for this role. Management retains the right to add or change the duties of the position at any time. Questions about the duties and responsibilities of this position should be directed to the reporting Manager or Human Resources.

    FloWorks is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, or protected veteran status.

    FloWorks participates in the US Government's E-Verify program.