Information Technology Security Analyst

COMPANY BACKGROUND

Astro Pak is the nation's leading precision cleaning and passivation contractor specializing in on-site cleaning of high purity gas and fluid systems, as well as precision cleaning of components and hardware at the company’s Cleanroom facilities. Astro Pak provides services to over 15 sectors including: Biotechnology, Pharmaceutical,

Aerospace, Semiconductor, and other selected Industrial markets. The company, founded in 1959, has performed on-site precision chemical cleaning in every State of the Union as well as several projects in Asia, continental Europe, England, Ireland and Mexico.

POSITION OPPORTUNITY

The IT Security Analyst (SA) is responsible for assisting with the day-to-day operations of securing Astro Pak’s various information systems.

Reporting to the Vice President of Information Technology, the Security Analyst is tasked with providing technical

expertise in all areas of network, system, and application security. The SA works closely with the various teams in the Information Technology department to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls.

The Security Analyst leads the firm's vulnerability management program, manages the annual cybersecurity assessments and penetration tests, research and reports on emerging threats, to help Astro Pak take pre-emptive risk mitigation steps.

The Security Analyst effectively correlates and analyzes security events within the context of Astro Pak's unique environment to proactively detect threats and mitigate attacks before they occur.

Essential Duties / Responsibilities

• Lead the vulnerability management program (internally)

• Manage annual cybersecurity assessments and penetration tests, while researching and reporting on threats

• Proactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur.

• Provides technical expertise regarding security-related concepts to operational teams within the Information Technology Department and the business.

• Review, investigate, and respond to real-time alerts within the environment.

• Review real-time and historical reports for security and/or compliance violations.

• Monitor online security-related resources for new and emerging cyber threats.

• Assesses new security technologies to determine potential value for the enterprise.

• Conducts vulnerability assessments of firm systems and networks.

• Manage systems owned by the Information Security Team.

• Analyze and implement projects in compliance with U.S. Export Control Laws.

Qualifications

Education/Training/Certifications: Bachelor's degree in a technical discipline or equivalent experience required.

Related Experience: 1 to 3 years of experience working in a security analyst setting or related field. Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST, Cobit, and ISO.

Experience with creating, implementing, and managing a threat hunting program within a corporate environment

is preferred.

Knowledge/Skills/Abilities:

• Strong knowledge of Microsoft Dynamics 365 CRM modules (Sales, Marketing, Customer Service) and Microsoft Dynamics GP (Financials, Payroll, Inventory).

• Proficiency in SQL and/or knowledge of querying tools used for reporting and troubleshooting within Dynamics 365 and GP.

• Familiarity with Power Platform (PowerApps, Power Automate, Power BI) is a plus.

• Strong communication skills, both technical and non-technical, to collaborate effectively with internal teams and vendors.

• Technical knowledge of enterprise technologies such as firewalls, routers, switches, wireless access points, VPNs, and desktop and server operating systems.

• Thorough understanding of Microsoft’s enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems.

• Proficiency with Windows PowerShell.

• Working knowledge with technology vendors and products such as Proof Point, Arctic Wolf, Microsoft XDR, Sentinel, Fortinet.

• Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff.

• Ability to work independently or in a group with minimal direction (need to work through all the details of broad-minded projects and know how and where to find the needed information to complete those projects).

• Strong communication skills, both technical and non-technical, to collaborate effectively with internal teams and vendors.

• Legal capacity to comply with federally mandated requirements of the U.S. Export Control Laws.

Environment

• Must be able to perform above listed duties/responsibilities in the field and field offices.

• Must be able to travel occasionally to other locations.

• Will be exposed to dusty and noisy conditions periodically.

Physical Requirements

• Standing

• Walking

• Sitting

• Use of hands, fingers

• Reaching with hands and arms

• Climb and balance

• Stoop, kneel, crouch or crawl

• Talk and hear

• Distance vision (clear vision at 20 feet or more)

• Peripheral vision (ability to observe an area that can be seen up and down or to the left and right while eyes are fixed on a given point)

• Depth perception (three-dimensional vision, ability to judge distances and spatial relationships)

Astro Pak Corporation is an equal opportunity employer and does not discriminate against persons because of age, race, color, creed, religion, disability, gender, ethnic or national origin, or veteran status. Astro Pak prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with a disability.