Vulnerability Management Analyst - OT (Remote Opportunity)
Company: Smithfield Foods
Posted on: September 19, 2023
Your OpportunityAs a member of the Critical Security Incident
Response Team, the VM Analyst will collaborate with the incident
commander to facilitate efficient and swift responses, aiming to
mitigate the impact of cyber events on business operations and
uphold the confidentiality, availability, and integrity of data.
Achieving success in this role necessitates adept cross-team and
cross-discipline collaboration, skillfully evaluating risk in
relation to business operations' impact, and a solid track record
of technical cybersecurity expertise in a fast-paced and growing
organization. The VM Analyst - Operational Technologies performs as
a highly motivated and experienced Cybersecurity Vulnerability
Management (VM) Analyst to support various programs and strategic
initiatives within the company. This role conducts vulnerabilities
assessments that may present a risk to the confidentiality,
availability and integrity of IT and OT assets and operations, then
categorizes and prioritizes vulnerability risk findings to provide
guidance for remediation to support teams and business
stakeholders. Salary Range $66,000 - $96,250 Core
Regularly meets with the Director of Cybersecurity and the Security
Operations Team to review threat activity, adversary tactics,
targeted vulnerabilities, and exposure risks.
Works closely with other cybersecurity staff to develop, test, and
implement new cybersecurity software and services. Assist in the
development of a support model, standard operating procedures.
Administers security solutions that scan and detect vulnerabilities
within IT assets, applications, cloud services and third-party
Performs comprehensive security testing and threat path analysis of
networks, systems, cloud-based platforms, and virtualization
Proactively assesses the program's effectiveness by continuously
monitoring compliance with baseline, patching, and application
security requirements and standards.
Conducts recurring scanning for enterprise assets, report
discovered vulnerabilities, and assist with mitigation strategies
for vulnerabilities that cannot be corrected (zero day).
Collaborates with system owners and support teams to analyze and
evaluate mitigation strategies, offering guidance and assistance in
enhancing strategies when necessary.
Maintains technical expertise, relevant industry standards, and
best practices as assigned in cybersecurity technologies such
Operational Technologies (OT) such as HMIs and PLCs.
Network, Server, Virtual systems, and cloud security hardening.
Cloud deployment and security models including public, community,
private, and hybrid.
Cloud service delivery models including infrastructure-, platform
Email threat protection.
Maintains awareness of latest cybersecurity risks and threat actor
tactics, techniques, and procedures (TTPs).
Continuously promotes security awareness within the organization in
support of the Behavior Management Program.
Acts as a technical point of contact for escalations and
troubleshooting of security issues.
Plays an active role in enhancing and developing incident response
playbooks to align with the dynamic threat landscape.
Participates in security audits and security capability
Participates in a rotating emergency on-call as well as respond to
Critical Incident Response Team activations.
Responsible for meeting KPIs and KRIs and adapt to changes in the
Collaborates with other cybersecurity engineers and analysts in the
IT and OT organizations to manage security threats and response
Uses a threat-based, intelligence-led approach to Vulnerability
Management and remediation to reduce cyber-risk to the
Serves as a key advisor to the Director of Cybersecurity, BISO and
Manager of Cybersecurity Operations.
Develops specific security and risk recommendations for improvement
and alignment to overall Smithfield and Information Security and
Ensures the historic risks are managed, understood, and used in
future decisions and maintain flexibility in team to adapt to
evolving risk landscapes.
Participates in cybersecurity team efforts as they relate to the
information security program and incident response.
The above statements are intended to describe the general nature
and level of work being performed by people assigned to this job.
They are not intended to be an exhaustive list of all
responsibilities, duties, and skills required of personnel so
classified. May perform other duties as assigned. QualificationsTo
perform this job successfully, an individual must be able to
perform each essential duty satisfactorily. The requirements listed
below are representative of the knowledge, skill, and/or ability
required. Reasonable accommodations may be made to enable
individuals to perform the essential functions .
Bachelor's degree from an accredited four-year college or
university in Computer Science, Cybersecurity, Information Systems,
or a related field and 2 years Information Security, Vulnerability
Management or Operational Technology experience or relevant
experience; or an equivalent combination of education and
Active industry certification such as, CISSP, GCIH, CCSP, GCIA or
Experience with "defense-in-depth" and "defense-in-breadth"
principles and technology.
Knowledge of industrial network protocols and devices.
Understanding of frameworks such as PCI, SOX, SOC 2, HIPAA, GLBA,
NIST CSF, NIST SP-800, MITRE, ISO 27001
Experience with Enterprise level Vulnerability/Pen-Test
Strong familiarity with OWASP TOP 10 vulnerabilities, SANS 25,
MITRE and CWEs.
Experience working in a multinational company with complex
integrated environments in Information Technology (IT). Experience
in Operations Technology (OT) desired.
Self-driven, autonomous and can contribute to the strategy and
roadmap of the cybersecurity team.
Ability to handle proprietary and sensitive information in a
Proven ability to work effectively as a remote individual
contributor as well as in a team environment.
Demonstrated flexibility, organization, and ability to execute
multiple tasks efficiently and effectively.
Ability to communicate effectively across all levels of the
organization, including the delivery and explanation of complex
security-related concepts into clear, concise, and understandable
Excellent written and verbal communication skills.
Ability to leverage industry best practices and previous
experiences while remaining creative, inquisitive, and
Solid critical thinking and analytical skills, experience solving
practical issues, and engaging cross functional teams of multiple
process partners to gain consensus.
Ability to be respectful, approachable and team oriented while
building strong working relationships and a positive work.
Occasionally required to stand; walk; and reach with hands and
Regularly required to talk and hear.
Frequently required to sit and use hands to finger, handle, or
Occasionally required to lift and/or move up to 25 pounds.
Specific vision abilities required by this job include close
Occasionally required to work in wet or humid conditions
(non-weather); work near moving mechanical parts; fumes or airborne
Noise level in the work environment is usually moderate.
Although most of the work will be performed in an office
environment, must be able to visit and work in a plant, warehouse,
distribution center or other manufacturing facility.
Career BenefitsTo learn more about Smithfield's benefits, visit
smithfieldfoods.com/careerbenefits.Why Work at Smithfield Foods? We
are committed to meeting our employees' needs, addressing their
concerns and helping them enjoy rewarding careers with our company.
PEOPLE MATTERWith more than 60,000 jobs globally, our employees
drive our success. We strive to create a fair, ethical and
rewarding work environment.GROWTH & DEVELOPMENTWorking at
Smithfield isn't just a job - it's the foundation for a lifelong
career with training designed to help you advance
professionally.BENEFITSOur people matter. That's why we offer
excellent, comprehensive benefits packages to our full-time
employees.SUSTAINABILITY PLEDGESustainability is ingrained in our
culture and guides how we operate. We believe in innovating for the
future.About Smithfield Foods Headquartered in Smithfield, Va.
since 1936, Smithfield Foods, Inc. is an American food company with
agricultural roots and a global reach. With more than 60,000 jobs
globally, we are dedicated to producing "Good food. Responsibly--"
and serve as one of the world's leading vertically integrated
protein companies. We have pioneered sustainability standards for
more than two decades, including our industry-leading commitments
to become carbon negative in U.S. company-owned operations and
reduce GHG emissions 30 percent across our entire U.S. value chain
by 2030. We believe in the power of protein to end food insecurity
and have donated hundreds of millions of food servings to our
communities. Smithfield boasts a portfolio of high-quality iconic
brands, such as Smithfield -- , Eckrich -- and Nathan's Famous -- ,
among many others. For more information connect with us on
Facebook, Twitter, LinkedIn and Instagram. EEO/AA Information
Smithfield is an equal opportunity employer committed to workplace
diversity. All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, sexual
orientation, national origin, age, gender identity, protected
veterans status, status as a disabled individual or any other
protected group status or non-job characteristic as directed by
Keywords: Smithfield Foods, Suffolk , Vulnerability Management Analyst - OT (Remote Opportunity), Executive , Smithfield, Virginia
Didn't find what you're looking for? Search again!