INFORMATION SECURITY ANALYST
Crown Holdings
Yardley, PA

About $83,000 - $110,000 a year

EducationSkills
Job Accountabilities

Crown is a worldwide leader in the design, manufacture, and sale of packaging products and equipment for consumer and industrial products. Crown's packaging for consumer products include steel and aluminum cans for food, beverage, household and other consumer products, glass bottles for beverage product and metal vacuum closures and steel crowns sold through Crown's sales organization to the soft drink, food, citrus, brewing, household products, personal care and various other industries. Crown's packaging for industrial products includes steel and plastic strap consumables and equipment, paper based protective packaging, and plastic film consumables and equipment, which are sold into the metals, food and beverage, construction, agricultural, corrugated, and general industries.

With operations in 47 countries employing over 33,000 people and net sales of over $11 billion, we are uniquely positioned to bring best practices in quality and manufacturing to growing economies in Asia, Eastern Europe, South America and the Middle East and North Africa. Whether improving existing technology or pioneering a new concept, we are committed to working in partnership with our customers to drive their businesses locally and globally.

Position Description

As an Information Security Analyst, you will be responsible for the following:
  • Work extensively with the information security manager, security team and network engineers in order to identify security problems and develop solutions.
  • Investigate and respond to notifications (alerts, tickets, advisories) from our network security monitoring service and email protection service.
  • Monitor LAN/WAN and perform risk assessments on servers and applications ensuring data integrity and confidentiality is maintained.
  • Analyze metrics from security tools and utilities, monitor real-time and archived intrusion, vulnerability and audit log data.
  • Assist with maintaining the organization’s information security infrastructure, and adherence to the company’s information security policies.
  • Research, develop and implement security solutions and measures that safeguard and maintain the successful operation of the company.
  • Analyze and recommend security requirements for various business initiatives and new IT applications.
  • Review key security tools on a daily basis, (IDS systems, virus protection, firewall and VPN) and ensure they are functioning and updated with latest protection signatures.
  • Perform monthly platform reviews on server configurations with host-based network assessment tools; perform patch management testing and vulnerability assessment review of existing and new servers. Generate monthly reporting metrics on firewall usage & virus activity.
  • Perform quarterly reviews of the wireless infrastructure, firewalls, VPN/remote access configuration and privileged user account reviews.
  • Other duties include but are not limited to the following:
o Approve appropriate user/group level access for shares/directories of file servers and applications and prevent unauthorized access to the aforementioned.
o Discover, investigate and resolve system vulnerabilities (i.e. unneeded services/ system/devices internally and externally).
o Stay abreast of new security techniques that best implement the information security policies and maintain knowledge of industry-wide security issues.
o Assist with information gathering in various audit requests.

Job Requirements

Requirements:
  • Bachelor's degree in Information Sciences or related field required.
  • 5+ years of professional experience in information technology with a security focus.
  • Strong technical knowledge of a Windows Active Directory network environment.
  • Security and/or Microsoft network certifications such as MCSE, MCSA, CISSP and SANS GNSA are preferred.
  • Proficiency with PowerShell and other Windows network administration tools.
  • Extensive understanding of networking fundamentals and knowledge of TCP/IP networking required.
  • Extensive knowledge of the technical threats to the information technology environment.
  • Experience with Windows 2008/2012/2016/2019, TCP/IP, VPN’s, firewalls, DMZ’s, WAN’s, switches and routers.
  • Working knowledge of virtual server environments and cloud-based solutions preferred.
  • Experience with network management and monitoring tools. Familiarity with Microsoft System Center Console Suite preferred.
  • Experience with Nessus, Nmap and other security vulnerability scanners preferred.
  • Understanding and familiarity of information security architecture design and practices.
  • Experience with information security audits and Sarbanes-Oxley regulations desired.
  • Experience with SharePoint security architecture preferred.
  • Working knowledge of Microsoft Azure/Office 365.
  • Intermediate working knowledge of Linux O/S and Linux based security applications are a plus.
  • Must have excellent planning, communications, written and oral skills.
Travel
0 - 10%