IT Security Analyst

Date:  Dec 2, 2022
Location: 

Phoenix, Arizona, US

Company:  WillScot | Mobile Mini
Req ID:  48218

ABOUT THE JOB:

This role focuses on preventing, detecting, and mitigating IT security issues within the WSMM infrastructure and applications technology landscape.
A direct report to the IT Security Architect, the IT Security Analyst is responsible for:

WHAT YOU'LL BE DOING:

Essential Functions: Responsibilities of the IT Security Analyst include but are not limited to:

  • Monitors internal hosted and partner hosted detections systems for indications of compromise, data loss, or other abnormalities.
  • Responds to alerts detected in the WSMM environment by investigating them with internal team members, 3rd party partners, and users.
  • Follows up on the detection of activity to malicious links, email attachments, web activity, and other detections of abnormal activity in the environment.
  • Uses tools to actively hunt down treats in the environment. 
  • Coordinate efforts with other team members and partners to handle security issues identified in the environment.
  • Takes action to address issues detected in the environment through actions such as removing malicious email messages, rotating/disabling passwords, network containing computers, or cleaning up infected computers.
  • Monitors access logs for unusual activity, suspicious accounts, or access assignments.  This may include unusual travel, excessive lockouts, access from unexpected devices, and access to information not expected for a job role.
  • Executes action and coordinate efforts with IT team members to handle authentication or user access issues identified in the environment. 
  • Monitors the regular execution of network scanning and reporting tools and 3rd party efforts.
  • Contributes to efforts to identify high priority vulnerabilities and end of life assets in the IT landscape.
  • Works with IT infrastructure and application team members to implement and monitor vulnerability remediation efforts.
  • Manage ongoing security education efforts.
  • Assists with the intake and initial response for IT security questionnaires for customers and other partner organizations.
  • Participates in backup, disaster recover, and incident management tests/exercises.
  • Assist with compliance efforts (SOX, PCIDSS, GDRP) and internal audits.
  • Constructs and updates documentation related to security systems and processes.

 

Company Values

  • Believes and supports our Company Values 
  • Complies with all Williams Scotsman Mobile Mini Safety, Transportation, and Environmental Policies

 

Performance Efficient Use of Resources

This is a team-based role and may assist in other aspects of IT as well as help drive our Company’s Strategies and promote our Mission, Vision and Values. WSC has a highly collaborative culture and the successful candidate will work effectively with a broad group of senior executives, peers, and direct reports to perform the above responsibilities.  

Customer Focus

  • Utilizes and deploys proactive customer relationship management techniques

EDUCATION AND QUALIFICATIONS:

The successful candidate will possess:

  • Minimum 4 years overall experience in technical functional areas.
  • Bachelor’s Degree in Computer Science or related field or an equivalent combination of education and experience.
  • Strong technical background in:
    • Windows (workstations and servers) including security best practices.
    • Network and Firewall Concepts
    • Security Tools Such as Advanced Endpoint Protection (such as CrowdStrike), Email Gateways (such as ProofPoint), and Log Management Systems
  • Experience with technologies and security practices including:
    • Advanced endpoint protection solutions such as CrowdStrike
    • Email gateways such as Proofpoint
    • SIEM, event logging (M365/Active Directory/etc.), and alerting systems including services such as Arctic Wolf
    • Vulnerability scanning tools such as Nessus/Tenable.io
    • Incident response & threat hunting
    • Web Activity Logging
    • Computer incident handling and forensics
    • Endpoint management tools such as SCCM, Intune, AirWatch
    • Firewalls, VPNs, VDI solutions, and networking
    • Device hardening (operating systems, applications, network devices)
    • Active Directory and Group Policy
    • Cloud platforms, cloud security, CSA CCM
    • Data protection & file analysis
    • Security training (end user and IT administrators)
    • NIST & CIS frameworks
    • Working knowledge of information security controls, guidelines, and standards such as OWASP, CIS 20 Critical Security Controls, SOC 2, PCI DSS, and NIST
    • Understanding of privacy and data protection regulations such as GDPR, CCPA, HIPAA
  • Ability to function well during high stress, time sensitive scenarios (incident remediations, etc.)
  • Maintain confidentiality as required by the work 
  • Persistence and follow through to work security incidents and RCAs to completion including root cause.
  • Ability to work collaboratively with other internal IT teams and 3rd party partners
  • Strong verbal, written, and interpersonal communication skills
  • Relevant industry certifications (Security +, CySA +, CASP +, AWS Certified Security) preferred


Abilities and Other Requirements:   The ability to perform work in a variety of work environments from a professional office environment to branch environment to customer construction sites is required.   Must be able to use standard office equipment such as computers, phones, photocopiers, and fax machines.
In order to successfully perform the essential functions of this job, the employee is regularly required to sit, and to move about the various work environments to train, monitor and ensure compliance with all company requirements.  The employee must be able to verbally communicate with employees, co-workers and customers in person and by phone.  The employee must also be able to travel to various work environments. Overnight travel may be required on occasion. 
 

Disclaimer: The above statements are intended to describe the general nature and level of work being performed by associates assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

 

WillScot Mobile Mini is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or any other protected status with respect to recruitment, hiring, promotion and other terms and conditions of employment. WillScot Mobile Mini takes affirmative action in support of this policy to employ and advance in employment individuals who are minorities, women, disabled, and veterans.

92651 


Job Segment: Developer, Information Security, Computer Science, CRM, Relationship Manager, Technology, Customer Service