Information Security Analyst

Johnson Controls is a global diversified technology and multi industrial leader serving a wide range of customers in more than 150 countries. Our 130,000 employees create intelligent buildings, efficient energy solutions, integrated infrastructure and next generation transportation systems that work seamlessly together to deliver on the promise of smart cities and communities.   Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat.  We are committed to helping our customers win and creating greater value for all of our stakeholders through strategic focus on our buildings and energy growth platforms. Johnson Controls is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. If you are an individual with a disability and you need an accommodation during the application process please email [email protected]

 

Johnson Controls

Johnson Controls, Inc. (NYSE: JCI) is a global diversified industrial leader employing 170,000 employees serving customers in more than 150 countries with products, services and solutions on a B2B basis to a wide range of market segments.  The company operates across three major business units: Automotive Experience; Power Solutions; and Building Efficiency.   Automotive Experience generates approximately $20bn of revenue annually and designs and produces automotive seating and interiors systems that help make the driving experience more comfortable, safe and enjoyable.  Building Efficiency provides products and services which enhance the comfort, safety and energy efficiency of buildings.  Through its Power Solutions business, Johnson Controls is the world’s leading supplier of batteries used in automobiles, including conventional cars and trucks. In fiscal 2014, Johnson Controls generated $42 billion in revenues. 

The Role

The Johnson Controls Global Information Security (GIS) team is undergoing a transformation and expansion as Johnson Controls increases its cybersecurity resources and capabilities in order to address the increasing cybersecurity threat landscape.

Hosted in Milwaukee, Wisconsin, the Information Security Operations Security Analyst is a position reporting into the Global Information Security Operations Manager, with responsibility for assisting in the development and implementation of standard operating procedures which support prevention and detection of, and response to, cyber security risks and threats. The global incident management program will provide the company with the ability to complicate, detect, and respond to cyber security incidents impacting the enterprise by ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. The program will have responsibility over security monitoring and is responsible for global 24×7 incident response activities. The global security incident management program will also manage information resources during incident response activities to identify possible cyber-attack or intrusion events, and determine whether there is a business impact.

Primary Responsibilities
  1. Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
  2. Assists with Computer Security Incident Response activities for a large organization; coordinates with other GIS teams and business units to record and report incidents.
  3. Performs follow-up, as necessary, to assist with Intrusion Detection Systems (IDS) monitoring and analysis to identify security issues for remediation.
  4. Supports efforts to recognize intrusion attempts and performs thorough reviews and analyses of relevant event detail and summary information.
  5. Communicates alerts to cross functional teams regarding intrusions and compromises to the network infrastructure, applications and operating systems.
  6. Assists with implementation of counter-measures or mitigating controls.
  7. Prepares incident reports of analysis methodology and results.
  8. Maintains current knowledge of relevant technology as assigned.
  9. Participates in special projects as required.

Qualifications

 

Candidate Profile
The successful candidate will be a passionate information security professional with the ability to communicate with different business and IT leaders. The candidate will be able to execute the security incident response and information inventory management strategy defined by leaders. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven change leader. The Security Analyst will also perform analysis of log files, including forensic analysis of system resource access.
  • At minimum, a bachelor's degree in computer engineering, computer security, or a computer science discipline, or relevant work experience.
  • 2-5 years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration, network operations, engineering, system administration on Linux or Windows
  • Solid understanding of basic computer science including: algorithms, encryption, databases, operating systems, networks, and tool development
  • Strong understanding of adversary motivations including cybercrime, cyber hacktivism, cyber war, cyber espionage and the difference between cyber propaganda and cyber terrorism.
  • Strong understanding of security operations concepts such as perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment and security metrics.
  • Team member with good communication skills and the ability to communicate to technical and non-technical audiences at different seniority levels
  • Ability to create and maintain good business relationships with counterparts, customers and external entities to achieve the security incident management goals
  • Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
  • Experience with open source and commercial security management tools
  • Experience in the definition and implementation of strategic information security plans
  • Moderate to Advanced event analysis leveraging SIEM tools (preferred)
  • Moderate incident investigation and response skill set
  • Moderate log parsing and analysis skill set
  • Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet)
  • Moderate knowledge of malware operation and Indicators of Compromise (IOC)
  • Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
  • Moderate knowledge of Windows and Unix or Linux
  • Basic to Moderate knowledge of IDS/IPS systems
  • Basic to Moderate knowledge of Firewall and Proxy technology
  • Basic to Moderate knowledge of penetration techniques
  • Basic to Moderate knowledge of DDoS mitigation techniques
  • Basic knowledge of Data Loss Prevention monitoring
  • Basic experience with scripting
  • Basic knowledge of forensic techniques
  • Basic to Moderate protocol analysis experience (Wireshark, etc.)
  • Basic knowledge of audit requirements (PCI, HIPAA, FISMA, SOX, etc.)
  • Basic knowledge of National Institute of Standards and Technology (NIST) standards as they apply to FISMA
  • Experienced in mentoring and training junior analysts
Desired Certifications (but not required): 
  • CompTIA Security+
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Certified Forensic Analyst (GCFA)
  • Certified Ethical Hacker (CEH)
  • Cisco Certified Network Associate Security (CCNA Security)
  • Cisco Certified Network Associate (CCNA)
  • Server Platform Certifications (Microsoft, Linux)
 
This job description indicates the general nature and level of work expected of the incumbent.  It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent.  Incumbent may be required to perform other related duties.

Source: https://tas-johnsoncontrols.taleo.net/careersection/na_eng/jobdetail.ftl?lang=en&job=WD30037977242&src=JB-15980