US Foods Lead Security Analyst in Rosemont, Illinois

Job Description:

Basic Purpose-

The Lead IT Security Analyst will be responsible for: vulnerability assessment; vulnerability management; enforcing security standards; security of custom applications, complying with requirements of external security audits & recommendations across the enterprise.

Description-

ESSENTIAL DUTIES AND RESPONSIBILITIES:

  • Collects, analyzes, validates, and prioritizes enterprise vulnerabilities identified by Scanning devices, penetration testing, vulnerability scanning tools, application security code scans;

  • Drives remediation, mitigation, and/or acceptance of risk for identified vulnerabilities;

  • Works with infrastructure, application, and security teams to address identified vulnerabilities;

  • Makes recommendations to resolve vulnerabilities based on security best practice relative to cost, impact, and risk level;

  • Works with application teams to ensure a secure application architecture and that secure development standards are being followed;

  • Performs analysis of security tool needs; contributes to design, integration, and installation of hardware / software;

  • Monitors security system logs (i.e., intrusion detection system, firewall system logs, etc.) and reports on discovered anomalies or problems (i.e. insufficient disk space, inappropriate access patterns, etc.);

  • Assists with security assessments for potential business partners;

  • Keeps fully abreast of trends and changing technologies related to information security fields;

  • Conducts violation / vulnerability report review; coordinates IT risk mitigation;

  • Investigates IT security violations, known vulnerabilities, and data breaches;

  • Performs vulnerability assessments; conducts compliance activities in response to internal and external audits;

  • Performs security research & vendor evaluations at the direction of the ITRM Security Architect; assists with testing and implementation of security solutions;

  • Maintains / enforces security policies and standards;

  • Acts as interface with and liaison to business and IT application owners; ensures applications, infrastructure components, and access are appropriately assessed;

  • Assists IT Security Architect with IT security reviews and signoffs for new systems development projects;

  • Executes security incident response procedures in accordance with threat levels;

  • Monitors the schedules for upgrading, repairing, modifying, or replacing IT security systems, devices, and applications; monitors eCommerce-related processes and equipment;

  • Communicates effectively (both written and verbal);

  • Learns new tools and technologies quickly;

  • Manages multiple priorities and follows a project plan to meet project deliverables;

  • Assists with firewall rule changes and exception;

  • Assists in managing web content filtering solution; adjusting user roles, updating white list URLs and black list URLs;

  • Assists in managing SSL certificates, signs certificates with our public CA providers as well as internal CA.

EOE Race/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Protected Veteran/Disability Status

Qualifications-

Required Qualifications:

  • 5 years of experience in information technology;

  • Recent direct experience working within an information security function;

Direct experience managing one or more of the following:

  • Vulnerability management (i.e., Qualys);

  • Application Security;

  • Firewalls;

  • Identity and Access Management;

  • Single Sign-on;

  • SSL & PKI;

  • Active Directory;

  • Oracle security products;

  • F5;

  • Fortinet NGFW a plus.

Preferred Qualifications:

  • Bachelor's Degree;

  • CISSP certification;

  • Experience working in an organization that provided exposure across multiple IT functional areas (i.e., infrastructure, networking, security, data management, and application development).

Primary Location: Rosemont-IL

Schedule: Full-time Shift: Day Job

Job Function: Systems Admin/Security

Job Level: Individual Contributor

Travel: Yes, 20 % of the Time