Information Security Specialist
Lincoln Electric is a global manufacturer of the highest quality welding, cutting and joining solutions ranging from simple to complex. With over 120 years of service excellence, we are committed to employing talent that will support our strategy to foster innovation and a first class experience for our customers. Lincoln Electric, where the actual is limited and the possible is immense.
PURPOSE: This position is responsible for a broad range of security tasks, including the day-to-day security administration of operating systems (OSs) and network security devices, as well as the administration of technologies, such as antivirus, anti-spam, antispyware, vulnerability scanning, firewalls, and security information and event management (SIEM) tools. The administration and compliance tasks may include: audits of network and OS configurations, resource and information access policies and rules; the collation and reporting of SIEM information, including incident and event response and resolution duties; and the production of monthly management and exception reports. The Specialist Information Security may also be included in system development and deployment projects.
JOB DESCRIPTION (DUTIES AND RESPONSIBILITIES):
- Interacts closely with product vendors and service providers, personnel from various IT departments — including the application development, operations and network teams — and business departments.
- Performs system security administration on designated technology platforms, including OSs and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines
- Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems
- Performs threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected against known and potential threats and are free from known vulnerabilities
- Applies patches and, at the direction of the Manager, IT Security, removes known control weaknesses.
- Researches threats and vulnerabilities and, where appropriate, takes action to mitigate threats and remediate vulnerabilities
- Responds to and resolves or escalates reported security incidents that may include the use of forensic application tools.
- Responds to and follows up on security events reported by SIEM tools or in system and event logs
- Locates and repairs security problems and failures
- Collates security incident and event data to produce monthly exception and management reports
- Communicates with resource owners and end users to increase awareness of applicable security policies and standards
- Implements or coordinates remediation required by audits.
- Performs normal and exceptional processing of change requests, escalating such requests when appropriate
- Reports suspected network security violations to Manager, IT Security including unresolved network security exposures, misuse of resources or noncompliance situations.
- Assists and trains less experienced members in the use of security tools, the preparation of security reports and the resolution of security issues
- May represent the security team on projects and other formal workgroups and committees
- Performs eDiscovery searches in case manager tool for the collection and preservation of data due legal holds and/or internal audit confidential investigations
- Serves as primary administrator for email security solution and large file transfer solution application servers in managing upgrades, end user training and support
- Assumes additional responsibilities and performs special projects as needed or directed in support of Lincoln Electric’s strategic plan and 2020 Vision.
- Bachelor’ degree or Technical degree typically with 7 years’ experience with IT Security. or Network Security. Bachelor’s degree information systems or equivalent work experience preferred.
- Certifications from ISC2, ISACA, SANS, CompTIA or other certifications helpful.
- Knowledge of information security principles including risk assessment, intrusion detection, network access control (NAC), threat and vulnerability management (TVM), and identity and access management (IAM)
- Experience in developing, documenting and maintaining security procedures
- Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts
- Project management skills are a plus
- Established analytical and problem solving skills as well as verbal and written communication skills.
Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, protected veteran status or disability.
Lincoln Electric is a $2.5B publicly traded company (NASDAQ) with over 10,000 employees around the world. With operations in over 40 manufacturing locations in 19 countries, we are well positioned to continue this partnership and poised to grow with our customers.
As a part of that continuing legacy, you will contribute to a new generation of innovation and experience the pride that comes with being part of the solution to the world’s challenges. It is a great time to be part of the welding industry!
Lincoln Electric does not accept unsolicited resumes from third-party recruiters. Resumes submitted to any employee(s) of Lincoln Electric without a signed vendor agreement, by the Manager of Recruiting & Training, will become property of Lincoln Electric. Verbal or written commitments from any other member of Lincoln Electric will not be considered binding terms. Lincoln Electric will not pay a fee to any third-party recruiter that has not coordinated their recruiting activity through the Recruiting Department.