What are the responsibilities and job description for the Cyber Security Analyst- In Office position at Menzies Aviation?
Job Details
Description
Reports to: Americas Cybersecurity Manager
Salary: $60,000.00
Location: Grapevine, TX.
This is not a remote working position, applicants must reside in the Dallas-Fort Worth area and must have US Citizenship for this job role
Overview
Join Menzies Aviation’s Global Cyber Security Team. Menzies Aviation is an independent, time-critical logistics specialist serving the airline industry. At more than 300 locations in 65 countries.
Working as part of a global team, based in UK, Kuwait and the US you will be responsible for supporting fueling operations across Canada, USA and Mexico to comply with security programs like NIST CSF or TSA pipeline cybersecurity requirements.
This position requires the applicant to be a US Citizen, therefore please only apply if you are. Location DFW, not a remote working position.
Ideally the applicant will have experience of managing Cyber Security controls against a recognized framework and a broad understanding of the key processes and technologies required to implement robust cyber security controls.
Daily you will be working with the operational teams in the fuel farms, regional IT teams and the wider cyber team to understand and risk assess the security controls in place in the fuel farms, identifying the gaps against the security framework requirements and planning the remediation.
You will also be working with a third-party Vulnerability Management and Managed Detection and Response provider to ensure we have the correct coverage, processes and reporting in place and identifying opportunities for improvement.
Weekly, you will be involved in planning or delivering cybersecurity incident response tabletop-based awareness exercises designed to keep awareness of cyber threats high, developing and maintaining the correct behaviors.
Provide regular status reports to SVP Fuels, CISO and fueling operations stakeholders.
Maintain cybersecurity documentation meeting regulatory requirements and carry out assessments to against the documentation to verify compliance.
Monthly you will support the implementation of projects in the region, risk assessing projects and changes at the earliest opportunity to assist with the design and implementation of the relevant security controls.
Support, coaching and training can be provided to manage the technical elements of this role. What we really value is someone who is willing to step out of their comfort zone to learn and achieve, demonstrates and positive attitude and will tackle the challenges with energy.
Main Accountabilities Include
ALL Employees have a responsibility and duty whilst at work to:
Description
Reports to: Americas Cybersecurity Manager
Salary: $60,000.00
Location: Grapevine, TX.
This is not a remote working position, applicants must reside in the Dallas-Fort Worth area and must have US Citizenship for this job role
Overview
Join Menzies Aviation’s Global Cyber Security Team. Menzies Aviation is an independent, time-critical logistics specialist serving the airline industry. At more than 300 locations in 65 countries.
Working as part of a global team, based in UK, Kuwait and the US you will be responsible for supporting fueling operations across Canada, USA and Mexico to comply with security programs like NIST CSF or TSA pipeline cybersecurity requirements.
This position requires the applicant to be a US Citizen, therefore please only apply if you are. Location DFW, not a remote working position.
Ideally the applicant will have experience of managing Cyber Security controls against a recognized framework and a broad understanding of the key processes and technologies required to implement robust cyber security controls.
Daily you will be working with the operational teams in the fuel farms, regional IT teams and the wider cyber team to understand and risk assess the security controls in place in the fuel farms, identifying the gaps against the security framework requirements and planning the remediation.
You will also be working with a third-party Vulnerability Management and Managed Detection and Response provider to ensure we have the correct coverage, processes and reporting in place and identifying opportunities for improvement.
Weekly, you will be involved in planning or delivering cybersecurity incident response tabletop-based awareness exercises designed to keep awareness of cyber threats high, developing and maintaining the correct behaviors.
Provide regular status reports to SVP Fuels, CISO and fueling operations stakeholders.
Maintain cybersecurity documentation meeting regulatory requirements and carry out assessments to against the documentation to verify compliance.
Monthly you will support the implementation of projects in the region, risk assessing projects and changes at the earliest opportunity to assist with the design and implementation of the relevant security controls.
Support, coaching and training can be provided to manage the technical elements of this role. What we really value is someone who is willing to step out of their comfort zone to learn and achieve, demonstrates and positive attitude and will tackle the challenges with energy.
Main Accountabilities Include
- Ensuring the security architecture is implemented and functioning across the estate and providing the expected detection and prevention capabilities.
- Host/lead regular tabletop exercises to maintain awareness of cybersecurity incident response and update response plans.
- Analyze and prioritize cyber threat intelligence and disseminate actionable information to the relevant IT teams and system owners to proactively mitigate emerging vulnerabilities.
- Scoping and managing the annual mandatory external testing of cyber security controls on key production systems. Reporting the findings to the relevant stakeholders and managing the required mitigations.
- Update and maintain documentation for business units to meet cybersecurity regulations.
- Monitor, measure and advise on the cyber controls of third-party suppliers.
- Ensure the relevant training and communications materials, informed by current threat intelligence, are available to promote a ‘Cyber Aware’ culture within the business.
- Collaborate with other departments such as IT, Development, legal, and Human Resources to ensure that cybersecurity measures are understood and implemented.
- Keep abreast of regulations affecting cybersecurity (e.g., GDPR, CA CCPA) and ensure the company’s adherence to these and other relevant standards.
- Performing risk assessments for new systems, significant changes, current processes, projects, integrations and updating the risk register with findings and propose an appropriate remediation plan.
- Consult with IT and system owners to ensure that their cyber security requirements are factored into the evaluation, selection, installation, and configuration of hardware, applications, and software. Identifying areas for potential improvement.
- Management of cyber risk by working with business and IT stakeholders to understand processes, inform on current cyber risk and manage this to an acceptable level.
- Monitoring and reporting on compliance with security policies, as well as the enforcement of policies within the IT department.
- Other cybersecurity responsibilities that are covered by this position
- Bachelor’s Degree or equivalent experience with Associate Cybersecurity or Information Systems degree
- Must pass background check and obtain US Customs seal
- Must have US Citizenship for job role
- Manage security controls across operational fueling teams.
- Manage the performance of third-party service delivery partners.
- Professional certifications such as Certified Information Systems Auditor, GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (SSCP), CompTIA Security , etc. are preferred.
- Experience in conducting training and awareness programs.
- Strong understanding of cybersecurity compliance framework, standards, and best practices (e.g., NIST, CIS Controls, ISO27001 and ISO27002, SOC2, COBIT, CMMC 2.0, etc.)
- Knowledge of system and network exploitation, attack vectors and pathologies, intrusion techniques, such as phishing, denial of service attacks, OWASP Top 10 vulnerabilities, malicious code/malware, ransomware, password attacks, etc.
- Experience with SIEM log centralization solutions.
- Excellent analytical, problem-solving, and communication skills.
- Highly analytical with the ability to influence, challenge, and implement change.
- Experience in dealing with work of a confidential and sensitive nature.
ALL Employees have a responsibility and duty whilst at work to:
- Take reasonable care for the health and safety of themselves and of others who may be affected by their actions or omissions whilst at work.
- Co-operate with their manager/supervisor in order to allow them to perform or comply with any legal requirements imposed on the company.
- Not intentionally or recklessly interfere with or misuse anything provided by the company in the interests of health, safety, or welfare reasons.
- Inform their manager/supervisor of any work situation, equipment, or activity that represents a serious or immediate danger to health and safety.
- Report any hazards, near misses, incidents, accidents or dangerous occurrences to their manager/supervisor, who will then follow the procedures contained in this manual.
- Carry out work in accordance with information and training provided and any specific workplace health and safety rules or procedures.
- Fully understand the company's health and safety policy.
- Attend training courses as may be arranged by the Company.
- Engage with MORSE and follow our code principles.
Salary : $60,000
