Sr. Security Analyst
Naperville, IL

Job Description

We're passionate about bringing the love of baking and decorating to everyone, everywhere, every day.

Our message is simple - we know you love baking (because we do, too) and we're constantly evolving to bring you quality products that make baking and decorating fun and easy. We're not just for the decorators of wow-worthy cakes, we're for cupcake makers and cookie bakers who love to say, "I made that!"

Wilton Brands LLC ("Wilton") is owned by Dr. August Oetker KG, a privately held company based in Germany. Dr. Oetker is a global leader in the food and beverage industries. Learn more about Wilton at http://www.wilton.com.

Job Summary:

Reporting to the Director of Infrastructure & Security, the Senior Security Analyst, will develop and execute security controls defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems

Essential Responsibilities:

* Serve as an IT security consultant to the Director of Infrastructure & Security for policies, standards, risk assessments, and evaluation of new technologies
* Maintain data and monitor security access
* Conduct internal and external security audits
* Recommend and install appropriate tools and countermeasures
* Define, implement and maintain corporate security policies
* Oversee security awareness training
* Coordinate security plans with outside vendors
* Work with key business leaders to help identify critical assets Reviews security and network events that are populated in a security information and event management (SIEM) system.
* Investigates intrusion attempts and performs in-depth analysis of exploits.
* Manage network, intrusion detection and prevention systems. Provides network intrusion detection expertise to support timely and effective decision making of when to declare an incident.
* Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns.
* Conducts proactive threat research.
* Analyzes a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
* Independently follows procedures to contain, analyze, and eradicate malicious activity.
* Assists with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
* Direct experience with Malware analysis techniques and methodologies.
* Working knowledge of the Linux Operating system (CentOS, Red Hat, Ubuntu).
* Scripting Skills (e.g. PERL, Python, shell scripting, VBS).
* Familiarity with network security methodologies, tactics, techniques and procedures.
* Experience with IPS/IDS, SIEMS, and other computer network defense security tools.
* Experience reviewing and analyzing network packet captures.
* Experience performing security/vulnerability reviews of network environments.
* Possess a comprehensive understanding of TCP/IP protocol, security architecture, and remote access security techniques/products.

Education and Experience:

* Bachelor's degree in related field preferred.
* CISSP, GSEC, CISA, CISM, or other security certification desired.
* (ISC)2 Systems Security Certified Practitioner (SSCP) or Security+ certification preferred.
* At least 5 years' experience in information security.
* Five plus years of experience in Information Technology, preferably networking.
* Three plus years of experience in supporting or analyzing Cisco firewall infrastructure.
* Knowledge of laws, regulations, and requirements related to Information Security (i.e. HIPAA, GDPR, Payment Card Industry (PCI), Domestic and International Privacy regulations).
* In depth understanding of SIEM Solutions, Intrusion Detection & Prevention, Anti-Malware Systems, Secure Web Gateways and Active Directory Group Policy Objects.
* Experience architecting Intrusion Detection and Prevention environment and configuring network devices for security log aggregation.

Knowledge, Skills, and Abilities:

* Knowledge and experience with Risk Assessment methodologies, such as NIST CSRF
* Proven documentation and technical writing skills and the ability to provide evidence of that.
* Including technical documentation such as policies, standard operating procedures, and user procedures.
* Ability to communicate with and influence technical and non-technical customers, colleagues, and vendors.
* Ability to work independently as well within a team and with client users.
* Available for on-call evening/weekend support and incident resolution potentially during off hours.
* Ability to conform to shifting priorities and proactively drive changes in project scope, timelines, and requirements.
* Ability to elicit cooperation from a wide variety of sources: management, business unit contacts, and data center peers.
* Ability to effectively prioritize and execute in a dynamic environment.
* Demonstrated experience in leading cross-functional program teams.
* Actively seeks out and supports collaborative thinking and problem solving with others in the organization.
* Excellent interpersonal skills including the ability to work with individuals at all levels in the organization - strong relationship building abilities.
* Ability to independently set priorities and meet deadlines in a fast-paced environment.
* Experience with program cost estimations.
* Excellent verbal and written communications skills.
* Strong analytical and problem-solving skills.
* Must be highly organized and detail oriented.
* Must be a self-starter.

Physical Demands/Work Requirements:

* Professional office environment. This role is sedentary in nature and requires the ability to be seated at a desk for majority of the work day.
* Ability to travel occasionally.
* Ability to routinely use standard office equipment such as laptop computers, computer monitors/keyboards, photocopiers and telephones.
* While performing the duties of this job, the employee is regularly required to talk or hear.
* Be able to constantly view a computer monitor which may cause eye strain.

Wilton Brands LLC is an equal employment opportunity employer. We attract and retain the best qualified people without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, individuals with disability or veteran status as provided by law. Wilton Brands LLC is an Equal Employment Opportunity Employer/Disability/Veteran.

If you need accommodation to access the information provided on our website, please contact us at 630-810-2416 or send an e-mail to: careers@wilton.com We will be happy to help you!