What are the responsibilities and job description for the Cybersecurity Analyst position at Post Holdings Inc.?
Business Unit Description:
RESPONSIBILITIES:
Feeding the world is what we do – how we do it is unique. We are not your textbook consumer packaged goods company. While others may be slow to make change happen, Post continuously drives both inorganic and organic growth. Our history is evidence of that fact with over 100 years of heritage and growth from brands that transcend generations like Honey Bunches of Oats, Fruity Pebbles, Malt-O-Meal, Bob Evans Farms, Kibbles 'n Bits, Egg Beaters, Peter Pan Peanut Butter, Ronzoni Pasta and more. Our foodservice and ingredient businesses supply other products you love for brands, restaurants and stores.
Our offices and manufacturing sites are in 62 locations in five countries, and we have 11,500 employees. Over the past 10 years, Post has made 22 acquisitions and reached $7 billion in net sales in fiscal 2023. During turbulent times of market uncertainty, the food industry has provided a level of stability unlike other industries.
Post Holdings, Inc. is headquartered in Brentwood, a suburb of St. Louis, Missouri. Our casual professional atmosphere encourages team members to collaborate, innovate and support our operating companies. Our passion and drive advance the reputation of our operating companies and brands—together, we make a difference.
Responsibilities:
The Post Holdings IT team is seeking a cyber security professional with demonstrated network, platform and application layer security-related skills to conduct day to day security monitoring and triage of security related events. Responsibilities will include managing the incident repose process for incidents and participating, as a team member, in major incidents. This position also drives our awareness and phishing programs developing training and executing the tests and training. To thrive in this position, we need an individual with a technical understanding of networking, identity management, host security and operating systems. The individual should have the ability to learn new information at a rapid pace. Good technical and communication skills, ability to deal with ambiguity and very high level of creativity and inquisitdiveness are a must. Previous experience in security operations, security event monitoring, and incident response are important. The Security Analyst will report to the Director, Cybersecurity Architecture and Operations and will be based in St. Louis, Missouri.
RESPONSIBILITIES:
- Configure and monitor various cyber-security tools for proper operation.
- Conduct initial triage of cyber-security alerts.
- Manage the incident response process for security events.
- Conduct investigations and analysis of various cybersecurity related events.
- Define and build new use cases for security tools based on changes or new knowledge of the environment.
- Configure and monitor email security solutions.
- Configure and monitor URL filtering and DNS security solutions.
- Perform phishing triage, determining whether emails are safe or malicious.
- Develop, perform, and generate reporting for monthly phishing campaigns.
- Develop, execute, and generate reporting for quarterly awareness campaigns.
- Create and update documentation and generate ad hoc reports.
- Be a knowledge resource and ambassador for cyber-security for the IT staff.
- Be available for afterhours support for both on-call and critical cyber security incidents.
- Train and mentor associate and apprentice cyber security analysts.
Experience
- 2 years of experience working in Information Security
- 3 years of experience working in Information Technology
- Candidates should also have experience with scripting/coding, secure development, and open-source security tools.
Education
- BA or BS degree in Information Security, Cyber Security, Computer Science or related field or commensurate experience
- Certified Information Security Systems Professional (CISSP) preferred or equivalent experience
Knowledge & Skills
- The individual must have an intimate knowledge of various operating systems and networks, network and application security, cryptographic standards and Public Key Infrastructure (PKI).
- Knowledge of the NIST CyberSecurity Framework (CSF) and the CIS Critical Security Controls.
- Working knowledge/experience with network systems, security principles and applications.
- Able to communicate technical issues to non-technical people.
This is a hybrid role based in St. Louis. In office days are Tuesdays, Wednesdays and Thursdays. Work from home days are Mondays and Fridays.
