Principal IT Security Analyst - Enterprise Holdings
St. Louis, MO 63105
About the Job
Enterprise Mobility is the world’s largest car rental operator and an industry leader in mobility and technology. We’re one of the top global travel companies, ranking ahead of many airlines and most cruise lines and hotels. And no matter what transportation challenges our customers face, we have an innovative solution.
We operate the Enterprise Rent-A-Car National Car Rental and Alamo Rent A Car brands via more than 10,000 fully staffed neighborhood and airport offices, including franchisee branches, in over 90 countries and territories.
Through this robust global network, we operate a fleet of over 2.3 million vehicles and provide a comprehensive portfolio of transportation solutions, including car rental, carsharing, vanpooling, car sales, truck rental, vehicle-subscription and affiliated fleet management services. As a total mobility provider, we serve the needs of a wide variety of customers, businesses, government agencies and organizations every day.
At the center of it all, our dedicated IT teams innovate, design and develop the technology that is redefining how customers rent, buy and share vehicles from our family of brands. Here, you will be part of a diverse and talented team that creates and delivers powerful technology solutions for our customers and employees across the world with the resources and support to develop in a variety of career paths.
As an Enterprise Mobility team member, we offer an excellent package with market-competitive pay, comprehensive healthcare packages, 401k matching & profit sharing, schedule flexibility, work from home opportunities, paid time off, and organizational growth potential.
This position is open to candidates who wish to work from home (WFH). Team members who choose virtual / remote work should have an adequate space to serve as their home office. #LI-REMOTE
Responsibilities:The Information Security Office’s (ISO) vision is to realize a culture of security that manages risks, defends against threats, and integrates information security into business and technology. The Global Cyber Security (GCS) Team supports this vision through the detection, analysis, and mitigation of cyber security threats facing Enterprise Mobility. The Monitoring, Forensics & Incident Response Teams under the GCS are responsible for detecting and eradication threats to Enterprise Mobility in support of the business objectives.
The GCS team has an immediate need for a highly experienced Security Analyst 4. In this role, you will operate as the highest-level analytical leader in GCS and will be responsible for assisting in the development of the strategy and influencing change across GCS, the ISO, and IT. You will utilize your critical thinking skills to solve problems, and develop advanced analytics and processes needed to optimize threat detection and response. You will work in a fast-paced environment, and be responsible making recommendations on the maturity and enhancement of the team's set of security-related tools (e.g. WAF, SOAR, SIEM, UBA, IDS/IPS, anti-virus, firewalls, etc.), developing new team processes, engaging in projects to design and deliver new detection and response capabilities, and engaging with internal/ external teams on security issues, including communication to high levels of leadership.
Key Responsibilities Include:
- Taking an active role in applying advanced methods to identify wide-range, large and complex cyber threats and driving innovative solutions to detect and protect against those threats (this includes collaboration with security architects and security engineers in the organization to design and implement those solutions)
- Collaborating with others in the ISO and IT to address security gaps, and understand the changes in GCS approach and strategy needed to support those efforts
- Researching and interpreting a wide-range of complex security controls related to future concepts; collaborating across the company to influence design and development of solutions and communicating solutions necessary for the protection of all information processed, stored and transmitted by IT and the company
- Applying advanced cybersecurity and privacy principles (relevant to confidentiality, integrity, availability, authentication and non- repudiation) in multiple areas of IT and the company requirements; communicating and influencing new security policies, frameworks and regulations into operational processes; explaining difficult concepts to a variety of different audiences
- Leading and owning documentation company-wide; Influencing change through technical guidance to create, apply and measure organizational policies and procedures to meet security objectives in accordance with laws, regulations, and internal policies
- Leading the influence and consultation for the implementation of the information security strategy and planning of projects for the department, IT and company
- Actively coaching, mentoring and teaching others; using influence, expertise and leadership to support other teams as they implement technology solutions (this also involves direct involvement of development plans for junior members of the team)
Equal Opportunity Employer/Disability/Veterans
Qualifications:Required:
- Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
- 8+ years of related experience
- Strong analytical and critical thinking skills to support and evolve an advanced cybersecurity team
- Advanced, in-depth knowledge of cybersecurity
- Strong analytical, problem solving, and critical thinking skills
- Proven success in collaborating with security architects and security engineers across an organization to influence design, development and implementation of solutions
- Experience influencing and communicating new security policies, frameworks and regulations into operational processes
- Proven technical leadership capabilities with the ability to establish and maintain solid working relationships across business and IT teams
- Experience mentoring and coaching less experienced security analysts
- Possesses initiative, results-oriented drive and a solid work ethic, requiring minimal direction
- Excellent communication skills, including strong listening skills, influence, and leadership presence
- Must be committed to incorporating security into all decisions and daily job responsibilities
Preferred:
- Bachelor's degree in Computer Science, Computer Information Systems, Management Information Systems, or related field preferred
- Knowledge of security frameworks such as NIST and MITRE Attack
- Knowledge of cloud-based security standards and protocols
- Strong knowledge of the Microsoft security suite and productivity environment
- CISSP, CISM, GSEC or similar security certification preferred
- Cloud+, AWS practitioner, or similar cloud certification preferred