Analyst, Information Security - San Antonio, TX, United States

Description · Build an Aviation Career You're Proud Of · At StandardAero, we use our ingenuity and know-how to find solutions for the simple to the most complex challenges in aviation. Together, we get the job done and done well. Our stability, resources, and respectful culture s ...

Job description

Description

Build an Aviation Career You're Proud Of

At StandardAero, we use our ingenuity and know-how to find solutions for the simple to the most complex challenges in aviation. Together, we get the job done and done well. Our stability, resources, and respectful culture supports you in building a solid career with a great team you can count on day in and day out for the long term.

Summary: 

As an IT Security Analyst position is a critical role in protecting StandardAero's business and technology operations. In this role you will be accountable in securing the enterprise technology and operations against an ever evolving and growing threat landscape. The role is an integral position in supporting StandardAero's global cyber-security defenses, providing tactical cyber security objectives and implementing the security strategy across the organization. 

What you'll do: 

• Conduct risk and security assessments through vulnerability analysis and reporting 
• Perform mitigation support for both internal and external security audits
• Investigate, analyze and document security incidents to identify and document the root cause
• Provides incident response support including mitigating actions to contain activity and facilitating forensics analysis when necessary
• Partner with IT Operation teams to remediate system vulnerabilities
• Participates in the production of documentation and management reporting 
• Research security enhancements and make recommendations for improved policy and process
• Analyze IT requirements and provide objective advice on the use of new IT security offerings
• Stay up-to-date on information technology and cybersecurity trends and standards
• Other IT Security-related duties as required
• Capable of identifying, evaluating and mitigating significant risks within an enterprise.
• Strong working experience with Microsoft Office Suite.
• Strong oral and written communication skills and the ability to work well with people from many different disciplines with varying degrees of technical experience.
• Possess strong analytical skills attention to detail.
• Ability to prioritize assignments while working on multiple projects
• Ability to work independently and proactively to meet assigned objectives
• Flexible with the ability to multi-task, effectively prioritize and work under pressure
• Basic project management 

• Design, implement, administer, support and maintain cybersecurity technology systems (Endpoint Protection, IDS/IPS, Web and Email Security, SIEM, Multi-Factor Authentication, Network Access Controls, DLP, etc.)

• Analyze, report and respond to security alerts within the various IT technologies and global locations

• Proactively remediate information technology security threats as a member of the security team

• Assist in the designing, documenting, architecting and implementing IT security measures and controls

• Provide support through 'Threat Hunting' against anomalous behavior within the enterprise. Correlates activity across assets (endpoint, network, apps) and environments to identify patterns of anomalous activity

• Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources

• Threat mitigation; malicious code detection, response and prevention; operating system security oversight

Minimum Qualifications: 

• Bachelor's degree in Information Security, Computer Science, or a related field; equivalent experience may be considered.
• 2+ years of progressive experience in cybersecurity 
• 3+ years of experience IT, including hands-on security operations, threat detection, or engineering.
• 2+ years of experience of network and application security, threat actor tactics (MITRE ATT&CK), and incident response frameworks.

Preferred Qualifications: 

• IT Security Certification, specifically GSEC, CEH, CISSO, CISA or CISSP, GCIA, OSCP and ITIL
• SDLC, and understand application security.
• Containerization and Development Security Operations 
• Experience working in regulated environments or with industry frameworks (e.g., NIST, ISO 27001, CIS, or CMMC).

 Benefits that make life better:

• Comprehensive Healthcare
• 401(k) with 100% company match; up to 5% vested
• Paid Time Off starting on day one
• Bonus opportunities
• Health- & Dependent Care Flexible Spending Accounts
• Short- & Long-Term Disability
• Life & AD&D Insurance
• Learning & Training opportunities

Raising the Standard of Excellence since 1911

With over a century of proven excellence, StandardAero has become an industry leader in MRO services and customized solutions in the aerospace field. Our shared values and learning-based culture inspire our team to exceed their potential and power our customers' missions worldwide. With on-the-job training, advancement opportunities, and excellent benefits, StandardAero invites you to experience a fulfilling and meaningful career with us. 

Inclusivity Is Our Standard

It is StandardAero's policy to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. Our supportive environment celebrates diversity with no room for harassment or discrimination of any kind. We invite you to bring your authentic self to our team and experience our welcoming culture.