IT Security Analyst

Company Description

At ITW Food Equipment Group/Hobart, people and food are our passion. We believe great food brings people together, and the relationships we share feed our inspiration to be the best we can be for one another.

Our family of premium brands has been dedicated for more than a century to supporting those who are not only passionate about creating great food, but are inspired by the people they serve and come to know on a daily basis.

Likewise, it is our mission to provide food equipment that foodservice and food retail professionals can trust to work hard and deliver quality, consistent results day in and day out, empowering them to focus on what they love most—creating great food for great people.

Job Description

We are seeking a dynamic, enthusiastic, and self-motivated individual to join our IT Infrastructure team here in beautiful Troy, Ohio. 

About this Position

Are you interested in working with Cybersecurity, Local and Wide Area Networking, Windows Servers and Virtualization, Remote Access / Remote Control solutions, VoIP telephony, and Mobile Device Management?

Do you have the confidence and patience to calmly assist and guide end-users and teammates through technical challenges? 

Are you a self-motivated team player, with integrity and a strong work ethic?

If so, then you might be a good fit for the missing piece of our experienced IT Infrastructure Team and will be welcomed to a friendly and supportive work environment. 

The IT Security Analyst reports to the IT Infrastructure Manager as a member of the IT Infrastructure Team. You will work closely with wonderful IT Infrastructure teammates to provide Networking/Telephony/Cybersecurity experience and support where needed. You will have the opportunity to interact with all levels of management and other ITW-FEG personnel. You should have patience, excellent interpersonal skills, strong ethics, and present a positive professional attitude.

Primary Focus and Responsibilities

• Keep abreast of new security issues and the methods to protect against them.  Proactively implement security protections/solutions.  Leverage the use of SIEM (Security Information and Event Management) tools to monitor and report on our IT Infrastructure.
• Assist and provide backup network support by proactively investigating and learning our unique networking infrastructure. With guidance from the Senior Network Engineer, you will work with both Local and Wide Area Networking, VLANS, a spoke-and-hub SD-WAN VPN configuration, client VPN, switches, network routing, Primary, Secondary and Tertiary Internet circuits, our VoIP system, and our various firewalls.
• Vulnerability Remediation and Reporting Analysis.  Regularly monitor endpoint vulnerability scan results.  Identify and remediate newly discovered Critical Vulnerabilities.  Identify and report on trends and/or anomalies.
• Endpoint Protection and policy administration.  Utilizing automation tools, ensure that all client computers are inventoried and have up-to-date software components.  Ensure that newly added computers are protected.   Adjust policy settings as needed to defend against emerging threats.  Support the Help Desk when they have technical questions/issues with the implementation of the Endpoint Protection software solution.
• Review/analyze reported Malware and Phishing incidents.  As needed, remove Phishing emails from our Office 365 Tenant.  Remediate/remove Malware when discovered or reported.  Communicate and coordinate with the ITW Corporate Cybersecurity Team as appropriate.

Technical Areas of Engagement and Opportunity

Security

• Support and help manage campus Firewalls to ensure the network perimeter defense can protect company assets. Implement updates/patches and configuration settings to defend against new and emerging threats.
• Support and maintain the security profile for our IT Infrastructure using best practices and company provided tools, to ensure the protection of company assets, as well as our corporate reputation.  These tools include Firewalls, Vulnerability Detection systems, and an Endpoint Protection solution. 
• Implement remediation's for discovered Critical Vulnerabilities in a timely manner.

Networking

• Support and help manage WAN, LAN/VLAN and VPN configurations and routing, including local and remote network switches.
• Support and help manage the campus-wide wireless network.
• Perform daily network monitoring, verifying the integrity and High Availability of network components and circuits.  Apply remediations and enhancements as required.
• Develop, document, and administer networking standards and procedures.
• Identify areas for network infrastructure improvements and upgrades, including trend analysis and capacity planning.
• Inventory and document network hardware use, including switch port assignments.
• Provide support for campus-wide Identity Access Management and security cameras.

Telephony

• Support and help manage a campus-wide and multi-city VoIP system that involves both VLAN and WAN connections.
• Work with telecom hardware and circuit providers to troubleshoot issues, and to implement upgrades.

General Infrastructure

• Provide direction and act as an escalation point for the Help Desk.
• Develop and maintain installation and configuration procedures and associated documentation.
• Research and recommend innovative, and where possible, automated approaches for system administration tasks.
• Help repair and recover from hardware or software failures.  Help coordinate and communicate with impacted users.
• Responsibilities might on occasion require working evenings and weekends, sometimes with little advance notice.

Qualifications

Minimum Qualifications/Experience

• Bachelors’ Degree in CS/MIS or related field
• Experience maintaining Firewalls
• Experience managing Endpoint Protection
• Experience managing Email Protection
• WAN and VPN management experience
• Experience maintaining Microsoft Active Directory
• Office 365 Experience (SharePoint, Teams, OneDrive, Outlook)
• Excellent troubleshooting and problem resolution skills
• Effective oral, interpersonal, and written communication skills, including listening
• Must be adaptable, flexible, organized, and able to maintain composure
• Must be able to make sound, logical judgments using deductive reasoning, attention to detail; understands the cause and effect of such decisions
• Self-starter; works with minimal supervision
• Knowledge of Microsoft Windows Server Environments, including virtualization
• Knowledge of IP network infrastructures, troubleshooting and monitoring
• Knowledge of Microsoft Active Directory security environment
• Knowledge of network and Internet security environments

 Preferred Qualifications/Experience

• Experience managing VLANs
• Experience managing Network Routing
• Experience maintaining Microsoft DHCP, DNS, LDAP
• PowerShell usage and scripting
• Experience using security tools to discover, then remediate, critical vulnerabilities
• Technical experience working with Windows Server in a Virtualized environment
• Technical experience working with Microsoft Azure
• Some experience with Linux
• Familiarity with Rapid7, Cylance, CheckPoint, SonicWall, Sophos, Aruba, Cisco Meraki, Forcepoint, HP Switches is a plus

Additional Information

Why work for us?

• Competitive pay
• Great insurance options with low premiums
• Paid vacation and holidays
• 401K with company match
• Extensive on-the-job training
• Safety-conscious work environment

ITW is an equal opportunity employer. We value our colleagues’ unique perspectives, experiences and ideas and create workplaces where everyone can develop their careers and perform to their full potential. 

As an equal employment opportunity employer, ITW is committed to equal employment opportunity and fair treatment for employees, beginning with the hiring process and continuing through all aspects of the employment relationship. 

All qualified applicants will receive consideration for employment without regard to race, color, sex, gender identity, sexual orientation, religion, national origin, age, disability, protected Veteran status or any other characteristic protected by applicable federal, state, or local laws.