What are the responsibilities and job description for the IT Cyber Security Analyst position at Club Car LLC?
Club Car boasts a 60-year history of industry-leading innovation and design, initially focused on golf cars and then expanding to commercial utility vehicles and personal-use transportation.
GENERAL JOB DESCRIPTION
The Cybersecurity Analyst will play a critical role in ensuring the security of the organization's information systems by maintaining, monitoring, and improving various security functions. This position requires a focus on Identity and Access Management (IAM), Privileged Access Management (PAM), Endpoint Detection and Response (EDR), Security Operations Center (SOC) tasks, IT General Controls (ITGC) implementation, and Vulnerability Management. The ideal candidate will have a deep understanding of cybersecurity frameworks and security best practices, along with hands-on experience with security technologies.
Essential Job Functions:
1. Identity and Access Management (IAM):
- Manage and support IAM tools and systems, ensuring secure authentication and authorization mechanisms are in place.
- Oversee the provisioning and de-provisioning of user accounts, ensuring appropriate access levels based on the principle of least privilege.
- Monitor and audit user access logs, ensuring compliance with security policies.
- Implement and enforce Multi-Factor Authentication (MFA) and Single Sign-On (SSO) solutions.
- Collaborate with HR, IT, and other departments to ensure role-based access controls (RBAC) are in place and up to date.
2. Privileged Access Management (PAM):
- Deploy and manage PAM solutions to ensure secure management of privileged accounts.
- Perform periodic reviews and audits of privileged accounts, ensuring access is limited and monitored.
- Manage and automate the rotation of privileged credentials, ensuring secure password management.
- Monitor privileged sessions in real time and respond to potential security threats associated with misuse of privileged accounts.
- Maintain the inventory of all privileged accounts and provide continuous improvement recommendations.
3. Endpoint Detection and Response (EDR):
- Implement, configure, and manage EDR solutions across all corporate endpoints.
- Continuously monitor EDR alerts, investigate incidents, and perform root cause analysis.
- Develop and refine threat detection rules to identify suspicious or malicious activity on endpoints.
- Work with the SOC to ensure swift and effective responses to security incidents detected by EDR tools.
- Keep EDR software up to date, ensuring all endpoints are compliant with the latest security patches.
4. Security Operations Center (SOC) Tasks:
- Collaborate with the SOC to identify, investigate, and respond to cybersecurity threats and incidents.
- Monitor security alerts and events from SIEM and other monitoring tools.
- Conduct incident triage and escalate potential incidents based on established procedures.
- Participate in incident response activities, including forensic analysis and post-incident reviews.
- Maintain up-to-date documentation of security incidents, threat intelligence, and mitigation efforts.
5. IT General Controls (ITGC) Implementation:
- Assist in the design and implementation of IT General Controls, ensuring they are aligned with industry best practices and compliance requirements (e.g., SOX, HIPAA, GDPR).
- Perform regular reviews of ITGCs, testing their effectiveness and ensuring they meet audit standards.
- Provide recommendations to strengthen IT controls and mitigate any identified weaknesses.
- Collaborate with internal audit teams to ensure ITGCs are adequately documented and maintained.
- Develop and maintain security policies and procedures aligned with the organization’s risk management strategy.
6. Vulnerability Management:
- Conduct regular vulnerability assessments on the organization’s network, systems, and applications.
- Utilize vulnerability scanning tools to identify security weaknesses, outdated software, and misconfigurations.
- Collaborate with IT teams to prioritize, track, and remediate vulnerabilities in a timely manner.
- Develop vulnerability metrics and dashboards to communicate the organization's security posture to senior leadership.
- Stay informed on emerging vulnerabilities and ensure timely patch management.
Additional Responsibilities:
- Participate in cybersecurity awareness training programs, helping to educate employees about security best practices and phishing awareness.
- Assist with security risk assessments and the development of a risk mitigation strategy.
- Stay current with the latest cybersecurity trends, attack methods, and defense strategies.
- Contribute to the continuous improvement of the organization's cybersecurity framework.
- Participate in security-related projects as needed, providing technical guidance and ensuring adherence to security standards.
EDUCATION, EXPERIENCE & SKILLS
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience.
- 3 years of experience in cybersecurity, with a focus on IAM, PAM, EDR, SOC operations, and vulnerability management.
- Strong knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls).
- Hands-on experience with security technologies, including SIEM, EDR, IAM, PAM, and vulnerability management tools.
Club Car is a diverse and inclusive environment. We are an equal opportunity employer, dedicated to hiring a diverse workforce, including individuals with disabilities and United States qualified protected veterans.