Spirit AeroSystems Cyber Security Analyst 2 in Wichita, Kansas
Spirit AeroSystems designs and builds aerostructures for both commercial and defense customers. With headquarters in Wichita, Kansas, Spirit operates sites in the U.S., U.K., France and Malaysia. The company's core products include fuselages, pylons, nacelles and wing components for the world's premier aircraft. Spirit AeroSystems focuses on affordable, innovative composite and aluminum manufacturing solutions to support customers around the globe.
The Cybersecurity Analyst assists in the development, implementation and maintenance of the Information Security program for Spirit AeroSystems and its affiliates. This analyst will perform duties in support of cybersecurity incident response (CIRT), vulnerability management, threat intelligence and implementation of cybersecurity architecture. Responsibilities include conducting vulnerability assessments and reporting as part of routine vulnerability scanning, collaboration with various IT teams to deploy security patches and/or configuration changes as a means to address identified vulnerabilities, and provide intelligence regarding active cyber threats and vulnerabilities in order to properly analyze, prioritize, and remediate the associated technical and business risks. This position requires the ability to balance multiple projects and tasks, provide clear and concise communication, and the ability to work and think in emergency situations. This analyst will also be responsible for collection of incident/event metrics to support cybersecurity effectiveness and compliance reporting.
• General experience with information security technologies and processes, including anti-malware, firewalls, IDS, EDR, network vulnerability scanners, UEBA, or SIEM• General experience in Information Technology, including programming languages, computer hardware, storage subsystems, account/access management, Public Key Infrastructure, and/or telecommunications• Experience administering operating systems (examples: Windows, LINUX, UNIX)• Experience using InsightIDR, InsigntVM (Nexpose), Nessus, Palo Alto, Metasploit, WireShark, Nmap, etc.• Experience with information security testing methodology desired• Demonstrated ability to assess business risk, classify potential threats, and enhance security controls for remediation & countermeasures• Experience with cybersecurity incident response and investigations, including security event log collection, cyber threat hunting, and incident reporting using best practices• Experience with commonly accepted industry standards and best practices relating to information security compliance, including NIST 800 series or ISO 27000 series; specific experience in NIST SP800-53 and/or SP 800-171 controls is a plus.• Experience with the DoD National Industrial Security Program (NISP), especially Chapter 8 of the National Industrial Security Operating Manual (NISPOM) is a plus• Experience working with Common Vulnerability Scoring System (CVSS) Version 2 or 3
The potential for remote work
• Bachelor's degree in computer science/technology, cybersecurity, information management or other IT related field required with a minimum of 2 years related information security experience• Major cybersecurity certification such as: CISSP, CISM, CCSP, CISA is desired
• US Citizenship
• Successful candidates would have an active DoD security clearance (Secret or above), or the ability to obtain DoD Clearance
Spirit AeroSystems is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, marital or civil partnership status, pregnancy, age, disability, veteran status or any other protected factor under federal, state or local law.
Posted Date2 weeks ago(11/10/2020 4:26 PM)