Job Summary:
Carpenter Technology Corporation is a leading producer and distributor of premium specialty alloys, and they are seeking a Cybersecurity Professional. The role involves monitoring cyber threats, handling security operations, and participating in technology projects to enhance the company's cybersecurity posture.
Responsibilities:
• Assists with cyber-threat monitoring and Security Operations Center (SOC) duties.
• Performs daily security operations duties including handling service requests from Business and IT teams. Updates standard operating procedures and as-built documentation. Routinely publish performance metrics.
• Monitors key security intelligence feeds and escalates relevant risks.
• Participates in cybersecurity technology projects and lifecycle management.
• Provides security technical assistance for IT projects intended to enable or advance business initiatives.
• Supports secure integration of Cloud and Third-party Applications.
• Assists with recurring patch and vulnerability management tasks.
• Facilitates third-party penetration testing (Ethical Hacking) to confirm design and operational effectiveness of security controls.
• Guides employees with security policy (e.g., password complexity, encryption settings, etc.) and advances cybersecurity awareness campaigns (e.g., Phishing email simulations).
• Routinely publishes Governance, Risk, and Compliance (GRC) metrics.
• Examines design and operational effectiveness of security controls. Coordinates audit engagements led by Internal Audit, Regulator, or external audit firm.
• Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to IT and Security.
Qualifications:
Required:
• Bachelor of Science degree in computer science or related field preferred. Or equivalent work experience.
• Associate's degree in computer science or related field minimum required with a combination of Cybersecurity related certifications (e.g., CISSP, CISM, GCIH, GCIA, CEH, Security+, etc.) and additional 2 years' experience.
• Minimum 7 years of related experience with Security Operations, Network Security, Vulnerability Management, Compliance, or Audit.
Preferred:
• Advanced understanding of information technology.
• Advanced knowledge of multiple security domains and common security controls.
• Expert knowledge of 2-3 security domains.
• Familiarity with common hacking techniques (e.g., malware, phishing, etc.) and effective counter measures.
• Adoption of security best practices and industry standards (e.g. NIST, ISO, CIS, COBIT, etc.).
• Hands-on operation of cybersecurity infrastructure (e.g., Firewalls, Intrusion Detection, AV, PKI, Encryption, etc.) and configuration experience.
• Security Incident Response handling.
• Malware analysis.
• Multi-task and manage demands of multiple projects, incidents, and tasks.
• Meet deadlines and manage changing priorities.
• Perform effectively both independently and in a team environment.
Company:
Carpenter Technology develops and manufactures high-performance specialty alloys for aerospace, medical, defense, energy, and semiconductor applications where material failure is not an option. Founded in 1889, the company is headquartered in Philadelphia, USA, with a team of 1001-5000 employees. The company is currently Late Stage.