Job Description

JOB DESCRIPTION

Build an Aviation Career You’re Proud Of

At StandardAero, we use our ingenuity and know-how to find solutions for the simple to the most complex challenges in aviation. Together, we get the job done and done well. Our stability, resources, and respectful culture supports you in building a solid career with a great team you can count on day in and day out for the long term.

Summary:

As an IT Security Analyst position is a critical role in protecting StandardAero’s business and technology operations. In this role you will be accountable in securing the enterprise technology and operations against an ever evolving and growing threat landscape. The role is an integral position in supporting StandardAero’s global cyber-security defenses, providing tactical cyber security objectives and implementing the security strategy across the organization.

What you’ll do :

• Conduct risk and security assessments through vulnerability analysis and reporting
• Perform mitigation support for both internal and external security audits
• Investigate, analyze and document security incidents to identify and document the root cause
• Provides incident response support including mitigating actions to contain activity and facilitating forensics analysis when necessary
• Partner with IT Operation teams to remediate system vulnerabilities
• Participates in the production of documentation and management reporting
• Research security enhancements and make recommendations for improved policy and process
• Analyze IT requirements and provide objective advice on the use of new IT security offerings
• Stay up-to-date on information technology and cybersecurity trends and standards
• Other IT Security-related duties as required
• Capable of identifying, evaluating and mitigating significant risks within an enterprise.
• Strong working experience with Microsoft Office Suite.
• Strong oral and written communication skills and the ability to work well with people from many different disciplines with varying degrees of technical experience.
• Possess strong analytical skills attention to detail.
• Ability to prioritize assignments while working on multiple projects
• Ability to work independently and proactively to meet assigned objectives
• Flexible with the ability to multi-task, effectively prioritize and work under pressure
• Basic project management

• Design, implement, administer, support and maintain cybersecurity technology systems (Endpoint Protection, IDS/IPS, Web and Email Security, SIEM, Multi-Factor Authentication, Network Access Controls, DLP, etc.)

• Analyze, report and respond to security alerts within the various IT technologies and global locations

• Proactively remediate information technology security threats as a member of the security team

• Assist in the designing, documenting, architecting and implementing IT security measures and controls

• Provide support through ‘Threat Hunting’ against anomalous behavior within the enterprise. Correlates activity across assets (endpoint, network, apps) and environments to identify patterns of anomalous activity

• Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources

• Threat mitigation; malicious code detection, response and prevention; operating system security oversight

Minimum Qualifications:

• Bachelor’s degree in Information Security, Computer Science, or a related field; equivalent experience may be considered.
• 5+ years of progressive experience in cybersecurity and IT, including hands-on security operations, threat detection, or engineering.
• 5+ years of experience in SIEM Administration, endpoint protection, vulnerability management tools, and security automation.
• 5+ years of experience of network and application security, threat actor tactics (MITRE ATT&CK), and incident response frameworks.
• 5+ years of experience working in regulated environments or with industry frameworks (e.g., NIST, ISO 27001, CIS, or CMMC).

Preferred Qualifications:

• IT Security Certification, specifically GSEC, CEH, CISSO, CISA or CISSP, GCIA, OSCP and ITIL
• SDLC, and understand application security.
• Containerization and Development Security Operations

Benefits that make life better:

• Comprehensive Healthcare
• 401(k) with 100% company match; up to 5% vested
• Paid Time Off starting on day one
• Bonus opportunities
• Health- & Dependent Care Flexible Spending Accounts
• Short- & Long-Term Disability
• Life & AD&D Insurance
• Learning & Training opportunities

Job Tags

Similar Jobs