IT Security Analyst

Since 1965, Stoneridge has designed and manufactured advanced, award-winning technologies including driveline and transmission actuation systems, vision systems, emissions control systems, safety systems, and security and monitoring systems for vehicle OEMs in the commercial vehicle, automotive, off-highway and agricultural vehicle markets. We're focused on the areas of greatest market need - both today and tomorrow. Our core products and technologies are aligned with industry megatrends including safety and security, vehicle intelligence, fuel efficiency and emissions. Join the Stoneridge Team as we continue to build upon our strong history and reputation for quality products to deliver innovative products and systems that address a need, exceed our customers' expectations, and motivate our team.

JOB SUMMARY:

The primary role of the IT Security Analyst is to provide identification, investigation, documentation, and resolution of security breaches detected by in-place security systems in an ever-changing work environment. Secondarily, support implementation of new security solutions, participation in the creation and maintenance of IT security policies, standards, baselines, guidelines, and procedures. They will also conduct vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures, and guidelines and to actively work toward upholding those goals.

PRINCIPLE RESPONSIBILITIES:

• Participate in the planning and design of enterprise security architecture, under the direction of the Global IT Architect & Cybersecurity Director, where appropriate.

• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Global IT Architect & Cybersecurity Director, where appropriate.

• Participate in the planning and design of an enterprise disaster recovery plan, under the direction of the Global IT Architect & Cybersecurity Director, where appropriate.

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically

• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).

• Maintain operational configurations of all in-place security solutions as per the established baselines.

• Monitor all in-place security solutions for efficient and appropriate operations.

• Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.

• Proactively initiate investigations into problematic activity.

• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.

• Provide on-call support for end users and IT personnel for all in-place security solutions.

EDUCATION, EXPERIENCE AND KNOWLEDGE:

• University degree in the field of computer science or business administration.

• Five years' work experience in an IT position.

• Proven experience in a cybersecurity position including:

• Intrusion detection and prevention

• Information gathering and analysis

• SIEM systems

• Familiarity with audit compliance initiatives and frameworks

• Familiar with risk management and business risk policies

• Knowledgeable of data security practices including encryption/decryption and management

• Strong understanding of IP, TCP/IP, and other network administration protocols.

• Understanding of both Windows and Linux operating systems is essential.

• Understanding of Microsoft Azure and M365 security.

• Proven analytical and problem-solving abilities.

• Ability to effectively prioritize and execute tasks in a high-pressure environment.

• Good written, oral, and interpersonal communication skills.

• Ability to work with multiple levels of management and associated-level employees.

• Ability to conduct research into IT security issues and products as required.

• Ability to present ideas in business-friendly and user-friendly language.

• Extensive experience with Microsoft platforms, including Word, PowerPoint, SharePoint, and Excel, is also required.

• Highly self-motivated and directed.

• Keen attention to detail.

• Team-oriented and skilled in working within a collaborative environment

Stoneridge is an Equal Employment Opportunity Employer. We do not discriminate against any applicant or employee based on race, color, religion, national origin, gender, age, sexual orientation, marital status, mental or physical disability, genetic information, veteran status or any other characteristic protected by the applicable laws in the countries we operate. Stoneridge also prohibits harassment of applicants or employees based on any of these protected categories.