Cyber Security Risk Analyst

Garmin International, Inc. Olathe , KS 66051

Posted 4 weeks ago

As a leading worldwide provider of navigation devices and wearable technology, our focus is on developing, designing and supporting superior products. Our advanced technology promotes performance, safety and ease of use in every market we serve.

That makes us an engineering and technology company with a keen focus on recruiting talent in those fields. But the same vertical integration business model that keeps all design and manufacturing processes in-house also gives us the incentive to hire top performers from different backgrounds, including operations, finance and accounting, information technology, sales, marketing and communications.Information technology is rebooting the workforce one computer, one operating system, one associate at a time. From developing new tools and implementing standards-based applications to managing Garmin servers, email and phone systems, the team uses industry-standard technologies but also creates customized programs to meet the companys needs.

At Garmin, IT teams are comprised of associates who share the same passion about what they do every day. We offer a relaxed team environment (no dress code!) where advancement is found from sharing knowledge, not hiding it! While we promise you a lot of responsibility, you also will have the opportunity to have ownership over projectsoh, and we promise you there will be some fun mixed in there, too!We are looking for a full-time Cyber Security Risk Analyst for our headquarters in the Greater Kansas City area.

In this role, you will be responsible for improving enterprise cyber security risk posture through active engagement with IT, application and data owners. The successful candidate will generate and champion new ideas and initiatives striving for process and technology improvements through the risk management function. Other essential functions include:Organize and maintain the cyber security risk portfolio within Garmins risk management system

Work directly with application and data owners to drive mitigation of known risk

Define and implement risk ratings, models, and hierarchies to identify the impact, severity and overall risk of vulnerabilities

Review red teaming results with key stakeholders through qualitative scoring following NIST 800-39 to prioritize remediation efforts.Track, measure, validate, and report on risk identification, stakeholder notification, and remediation efforts.Assign a preliminary risk profile by identifying the information security risk factors based on data classification, design, and functional purpose and use

Specific attention to the following control areas is required: authentication, authorization, access controls (network and user), secure transmission and storage, encryption/key management, segmentation and network zoning, data flows, third party access and connectivity and functional purpose.Determine if any compensating controls are necessary due to inability to comply with the primary control requirements. Facilitate and help determine compensating controls when needed.Complete and present to Security management and business sponsors a risk assessment evaluation articulating risk and impact analysis when security controls cannot be met by an initiative to ensure transparency and appropriate level of acceptance.Maintains Information Security policies, standards, procedures, technical security baselines as applicable

Regularly contribute to management reports covering information security risk treatment, mitigation, and risk metrics. Collaborate and build relationships with IT colleagues core business partners for continued security education and awareness.Participate in the strategy and day-to-day operations of the risk management function within Garmins cyber security program

Qualified candidates possess a Bachelors Degree in Computer Science, Information Technology, Management Information Systems, Business or another relevant field AND a minimum of 5 years relevant experience OR a Master of Science Degree in one of the fields noted above AND a minimum of 3 years relevant experience. Other requirements include:Strong understanding of industry frameworks and best practices (ex.

NIST, ISO, OWASP, CIS, etc.)Detailed understanding of network design, security protocols and cloud integration security, with excellent analytical and problem-solving skills.Understanding of project management skills including design review, threat modeling and risk profiling while working across a large, distributed organization. Must apply the understanding to a diverse IT community to include policy, regulations, and compliance requirements.Must be team-oriented with proven skills in influencing people without having direct management authority and motivating them to successfully mitigate risk within required timelines.Excellent communication skills including both verbal and written

Consistently demonstrates quality and effectiveness in work documentation and organization

The ideal candidate must be able to convey complex security issues and risks while maintaining a positive relationship with key stakeholdersCISM, CISSP, PCIP, ISA, or equivalent certifications preferred.Our benefits, designed to lead an evolving marketplace, support innovation and encourage a healthy balance between work and life, keep us competitive and allow our associates to make their own decisions about their well-being and future. We offer a choice of healthcare planswith low or no premiumswhich consistently rank in the 90th percentile when compared to other high-tech employers, plus dental and vision plans for you and your family.

In addition, our financial benefits rate 82% above the median for technology companies comparable in size. Our 401K retirement plan provides 5% of pay base contribution plus a match of 75 cents for every dollar you contribute to a maximum of 10% of your compensation. The employee stock purchase plan allows for shares to be bought at a 15% discount.

Garmin International is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veterans status, age or disability.



icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Security Analyst 3

Hyland Software

Posted 3 months ago

VIEW JOBS 3/22/2019 12:00:00 AM 2019-06-20T00:00 Overview The Cyber Security Analyst 3 is responsible for creating a secure computing environment that protects against unauthorized access, modification or destruction. Responsibilities * Apply extensive experience and best practice knowledge in designing, implementing and maintaining the public and private cloud security solutions that protect or govern information needs of the organization * Perform threat and vulnerability assessments to ensure that systems are protected from known and potential threats * Use security tools and resolve security issues * Respond to and resolve reported security incidents * Recover and maintain recovery procedures for systems * Monitor systems for anomalies, disruption and respond accordingly * Develop and execute projects and work associated * Create, maintain and update security policies, procedures, documentation and instructions * Take proactive measures to regularly streamline and constantly improve processes * Conduct security vulnerability research in areas relevant to the company; stay current in the latest information security and risk management knowledge, including new and emerging threats and vulnerabilities * Provide guidance and support to other team members Qualifications * Bachelor's degree in Management Information Systems or Computer Science * Significant experience in IT security engineering within private, public, and hybrid cloud environments * Assist in the development and design of security policies ranging from account management, password/key management, to vulnerability/threat assessment * Significant experience with Microsoft Operating systems and products * Significant experience with Unix Operating systems * Significant experience with applying security fundamentals and networking concepts * Experience with automation tools * Experience with anti-malware, file integrity monitoring, and data loss prevention tools * Advanced skills with various security tools * Recommended Comp TIA Security + or equivalent experience * Recommended CISSP, GIAC, or other security certifications * Strong oral and written communications skills that demonstrate a professional demeanor and the ability to interact with others with discretion and tact * Highly organized and experienced at successfully multi-tasking * Able to thrive in a fast paced, deadline driven environment * Strong collaboration skills, applied successfully within team as well as with other areas * Driven to learn and stay current professionally * Attentive to detail, as demonstrated by regularly verifying all work thoroughly to ensure accuracy * Up to 10% travel time required * Or an equivalent combination of education and experience sufficient to successfully perform the principal duties of the job Hyland Software Olathe KS

Cyber Security Risk Analyst

Garmin International, Inc.