Security Compliance Analyst Olin Corporation
Olin Corporation is hiring a Security Compliance Analyst to be located in Clayton, MO. Remote office location is a possibility for the right candidate. In the role of the Security Compliance Analyst you will work collaboratively with key stakeholders across the IT organization, including external auditors, IT process owners, IT management, and business stakeholders. You will develop an understanding of the IT organization’s processes, goals and strategies. You will establish and implement a process to compile and analyze data from various security tools, such as anti-virus, Active Directory, advanced endpoint threat detection and patching systems, and develop meaningful and actionable IT compliance reporting. You will also demonstrate knowledge of information security standards and frameworks such as ISO 27001, NIST 800-171, NIST 800-53, other NIST publications and the Defense Federal Acquisition Regulation Supplement (e.g. DFARS clause 252.204-7012).
Company Bio: Olin Corporation
Olin Corporation is a leading vertically-integrated global manufacturer of chemical products and a leading U.S. manufacturer of ammunition. Olin is the world’s leading producer of chlor alkali products and vinyls, the number one supplier of epoxy materials, the number one global seller of membrane caustic soda and chlorinated organics and the number one North American seller of chlorine, bleach and hydrochloric acid. Winchester's principal manufacturing facilities produce and distribute sporting ammunition, law enforcement ammunition, reloading components, small caliber military ammunition and components and industrial cartridges.
- Perform and manage IT risk assessments to support requirements of various security frameworks.
- Ensures IT security design, controls, processes and procedures are aligned with Information Security standards, guidelines and policies in order to maintain Systems Security Plans.
- Facilitates the overall planning, execution and reporting of risk assessments and IT compliance audits to support ISO and NIST requirements and other IT Security Compliance related initiatives.
- Continuously evaluates the efficiency and effectiveness of ISO and NIST audit strategy / methodology and proposes improvements to achieve audit efficiencies.
- Identifies opportunities to improve existing processes and controls, and recommends constructive corrective actions to address control deficiencies identified through compliance audits, in order to strengthen IT security posture and improve IT processes.
- Actively manage agreed corrective actions by collaborating and communicating with IT action owners.
- Support development of System Security Plans, Cyber Improvement Plans and Security Operating Policies and Procedures.
Qualifications / Requirements
- Bachelor’s degree* in Computer Science, Cybersecurity, or related field required; Master's degree preferred.
- Minimum of 5 years of IT Security experience.
- Knowledge of information security concepts and technologies such as networking, network segmentation, vulnerability scanners, firewalls, IPS/IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.
- Direct experience with implementation and management of security frameworks such as: ISO 27001, NIST 800-171, NIST 800-53, DFARS clause 252.204-7012.
- Certification such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), GIAC Information Security Professional (GISP) or other similar certification is preferred but not required.
- Experience performing full lifecycle NIST specific security assessments.
- Excellent verbal and written communication skills with ability to communicate confidentially with all levels of IT management.
- Excellent analytical, problem-solving, and decision-making skills to mitigate risks and resolve control deficiencies.
- Ability to manage multiple responsibilities and projects simultaneously with varying degrees of complexity and timelines.
- Demonstrates a genuine desire for continuous learning and process improvement.
- Has a team player attitude with a willingness to work with other team members.
- Approximately 10% travel is required.
*Degree must be from a school that is accredited by an accrediting agency recognized by the Secretary of Education of the U.S. Department of Education or equivalent program from an international university.
*Olin does not provide any form of sponsorship to applicants not authorized to work in the US.
*This position requires access to ITAR controlled technical data, and as such, employment will be contingent upon the candidate's ability to access ITAR controlled technical data pursuant to an export license approved by the Directorate of Defense Trade Controls, if required.
Olin is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.