Cyber Security Analyst - ITT Inc.
Seneca Falls, NY 13148
About the Job
ITT is an industrial manufacturer of critical, engineered components that serve fast-growing end markets in transportation, flow, energy, aerospace and defense. The company’s differentiation is sustained through a combination of several factors: execution, the quality of its leadership and our DNA as an engineering leader. We have a clear purpose as an organization: to provide our customers with cutting-edge solutions to help solve their most critical needs.
The company generated 2023 revenues of $3.3 billion and is comprised of three distinct segments:
- Motion Technologies ($1.5B revenue) is a global leader in brake pads, shock absorbers and sealing solutions for the automotive and rail markets
- Industrial Process ($1.1B revenue) is a global leader in centrifugal and twin-screw pumps for the chemical, energy, mining and industrial markets
- Connect & Control Technologies ($0.7B) is a niche player in harsh environment connectors and control components in critical applications for the aerospace, defense and industrial markets.
ITT is headquartered in Stamford, Connecticut with over 10,000 employees in more than 35 countries and sales in approximately 125 countries.
Position Summary: Under the direction of the CSOC Manager, this individual plays a crucial role in bridging the gap between cybersecurity, IT, and business operations. This person is expected to be both technically experienced and business-aligned as s/he works with both IT and business stakeholders to analyze and respond to security threats and events.
We are seeking an experienced Cybersecurity Operations Analyst to join our team. The successful candidate will be responsible for a multitude of service lines within cybersecurity, including responding to security events, cybersecurity tool tuning and management, vulnerability management and threat hunting.
This role will focus on threat monitoring, detection, and response as part of our Cyber Security Operations Center (CSOC). The analyst will play a key role in strengthening our security posture by helping implement and manage security controls aligned with CMMC2 Level 2, NIS2 regulations, and other compliance frameworks.
As part of the cybersecurity operations team, you will actively investigate incidents, monitor enterprise environments, and collaborate with internal and external stakeholders to protect critical assets in a highly regulated environment.
This individual will be highly driven (“high motor”), able to balance active priorities, be meticulous and planful. They will be comfortable addressing ambiguity, able to consistently deliver results, be naturally curious and highly accountable, and approach situations in a thoughtful and process-oriented manner. This person will work closely with individuals at all levels of the information technology organization and business partners (executives, peers, staff members, individual contributors, cross-functional team members) to identify risk and compliance gaps, provide guidance on remediation, and provide consultation on adherence to ITT security policy for all aspects of the global organization.
Essential Responsibilities: This position will be focused on security for ITT as a whole, as well as increasing capabilities and posture of ITT’s security.
- Perform continuous monitoring of security systems and data to detect, analyze, and respond to security incidents in real-time.
- Triage and escalate security events and assist with incident handling procedures.
- Provide detailed analysis of malicious activity, assessing the severity and potential impact on systems.
- Use Security Information and Event Management (SIEM) tools and threat intelligence platforms to identify and track potential threats.
- Assist in identifying, assessing, and mitigating vulnerabilities across IT assets, in coordination with vulnerability management teams.
- Recommend and implement security patches and updates as needed.
- Creation of alerts and tuning of current alerts and security solutions.
- Train others on primary areas and responsibilities
- Stay up to date on security news bulletins and current threats.
- Analyze network traffic and intrusion alerts; discern false positives.
- File/link analysis and immunization against those types of attacks.
- Support cyber security governance in the formulation of cyber-related policies, standards, and procedures.
- Meet tight deadlines in a fast-paced environment.
- Document processes and activities for repeatable results.
- Rotating on-call will be required for this role.
- Carry a Smartphone 24X7 for the purpose of escalation.
- On-call availability as an escalation point or in critical situations.
- Due to time zone difference and appropriate meeting times, flexible work hours may be required.
- Sitting for extended periods of time.
- Dexterity of hands and fingers to operate a computer keyboard, mouse, and to handle other computer components.
- Lifting and transporting of moderately heavy objects, such as computers and peripherals.
Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; Professional certifications such as C|EH, GCIH, GPEN, or OSCP are a plus. A minimum of C|EH will be required after the first year of employment.
Experience: Minimum of 3 years of experience as a cybersecurity analyst. The ideal candidate will have a broad set of experiences (IT operation, systems administration, cybersecurity, network administration) spanning subject matter areas such as risk identification and management, network security, and cybersecurity administration.
Skills/Knowledge:
- Familiar with common and uncommon security tools and suites.
- Disk and memory forensics experience.
- Experience with SIEM, IDS/IPS, firewall management, EDR/XDR, and vulnerability management tools.
- Strong analytical and technical capabilities and excels in critical thinking.
- In-depth SIEM knowledge and usage
- Strong MITRE ATT&CK framework knowledge
- Strong understanding of network protocols, threat landscapes, and common attack vectors.
- Scripting for automation (Python, PowerShell, APIs)
- Endpoint and network security tools/techniques (i.e., investigating antimalware or IDS alerts)
- Demonstrated ability to write clear and concise technical documentation.
- Ability to multi-task, change priorities with short notice, and effective time management skills.
- High standard of professionalism and ethics
- Comfortable with hands-on approach to addressing complex problems to gain a grounded and granular understanding, make informed decisions and take appropriate actions.
- Ability to be challenged with ambiguous situations; dissect and plan the work that simplifies the work for themselves and others, with a focus on delivering results.
- Passion for data and innovation.
- Proven ability to manage multiple projects to completion while maintaining quality standards and project deadlines.
- Understands when new or alternate solutions are necessary and begins discussions with IT management and business/functional partners to identify needed improvements to the solution/service framework.
- Leverages experience collaborating across cultures and organizations.
- High focus on interpersonal and cultural understanding across disparate teams’ work settings by initiating conversations with others.
- Shares information proactively, directs workflows to leverage the expertise of individuals, and promotes a team approach to achieve common goals.
- Leverages existing solutions, knowledge base, and best practices, and works within the approved policy/governance framework.
- Gains trust by listening effectively, being open and transparent, and demonstrating results that the customer, business, or function values.
- Demonstrates a sense of pride in the quality of his/her own work, and a willingness to take initiative to meet the challenges of the customer, business, or function.
- Promotes accomplishments while holding others accountable for results.
- Excellent written and oral communication skills.
- Effective interpersonal skills, with a focus on listening and questioning skills.
- Strong documentation skills.
- Ability to conduct research into a wide range of computing issues as required.
- Ability to absorb and retain information quickly.
- Ability to present ideas in user-friendly language to non-technical staff and end users.
- Keen attention to detail.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Experience working in a team-oriented, collaborative environment.
- Self-directed, initiative-taker and strong analytical & problem-solving skills.
- Ability to work well under stress.
- Demonstrate sound judgment.
- Calm and effective under pressure
- Teamwork oriented
- Customer service focused.
Equal Pay Act Statement: We aim to pay our ‘ITT’ers’ fairly and competitively in the locations that they live and work. Pay-for-performance is a principle that we believe in, and employees are rewarded based not only on ‘what’ they accomplish, but also on ‘how’ they reflect ITT’s values. ITT offers a competitive salary and robust total rewards package, such as health insurance, 401(k), short and long-term disability, paid time off, growth and developmental opportunities, and other incentive compensation programs. Specific benefits are dependent upon whether or not the position is part of a collective-bargaining agreement. The salary offered to a candidate is based on several factors such as candidate experience and qualifications, location, as well as market and business considerations.
Equal Pay Act Range: Annual Salary Range $72,600 to $108,800 plus benefits and incentive plans.