Lead Cybersecurity Analyst
Minneapolis-St. Paul-Bloomington, Minnesota
Who we are!
Schwan’s Company, a U.S. affiliate of the global lifestyle company CJ CheilJedang Corporation, is a leading U.S. manufacturer and marketer of quality foods offered through retail-grocery and food-service channels. Its many popular brands include Red Baron®, Tony’s®, Big Daddy’s®, Villa Prima™ and Freschetta® pizza; Mrs. Smith’s® and Edwards® desserts; and Pagoda® Asian-style snacks. To learn more about Schwan’s, visit www.schwanscompany.com.
What we are looking for:
We are hiring a Lead Cybersecurity Analyst, who will ideally work out of our Bloomington, MN offices, but we may be flexible on the location. This is a new position due to company growth. In this role you are responsible for the management of day-to-day IT Security operations including monitoring, vulnerability management, threat and incident management, and security awareness training. This is a consultative role and is a key decision maker in cyber risk management. You will proactively research and identify technology platforms to ensure proper risk detection and response for the Enterprise, and will also initiate and lead various IT Security projects that will improve the resiliency of business and IT systems for the Company.
- Cyber Defense Infrastructure Support. Works in partnership with IT Infrastructure to review and validate secure configurations are in place to protect systems, networks, and data.
- Develop and mature corporate security program in the areas of Vulnerability Management, Incident Management, Threat Management, and Security Awareness.
- Build formal threat and incident response processes, including analysis, triage and escalation of security events, coordination and tracking of response activities, and status reporting to the Director of Information Security and the IT Management Team
- Oversee all phases of Vulnerability Management including scanning, reporting, and remediation tracking. Work with IT stakeholders and managed service vendors on remediation planning.
- Act as team leader and mentor, setting team objectives in coordination with the Information Security Director and developing and implementing training plans to develop internal capabilities
- Mature Security Event Monitoring and the SIEM lifecycle management
- Lead the development, implementation, and tuning of monitoring use cases as needed upon emergence of new applications, threats, and policies.
- Coordination of maintenance and patching of IT Security Systems
- Oversee vulnerability remediation activities, coordinate with other departments to plan and track remediation activities
- Oversee security awareness activities including security awareness training and proactive phishing exercises
- Lead incident response training exercises including tabletop exercises with stakeholders in the broader organization
- Defines, builds and reports key operation cyber risk metrics.
- Development and maintenance of process documentation, procedures, and playbooks
- Work with the Director of Information Security and IT Operations to identify and define roadmap projects for expansion and maturation of tools and capabilities supporting IT Security Operations functions
- Provide guidance and education to other groups within the Information Technology function, including Infrastructure Architecture, Application Development, Network Operations, System Operations, and Help Desk.
- Provide off-hours support as required
Education: Bachelor's degree or equivalent in Computer Science, Software Engineering, Computer Information Services (CIS) or related field, or equivalent education and/or experience.
Years of Related Experience: 8-10 years of related experience
- Experience in Security Incident Response is required
- Experience in Vulnerability Management is required
- Experience in operating vulnerability scanning tools such as Nessus, Qualys, etc. is required.
- Understanding of common vulnerabilities and exploits is required
- Knowledge of the cyber threat landscape including types of adversaries and the motivations that drive them is required.
- Experience with implementing or operating Security Orchestration, Automation and Response (SOAR) technologies is desired
- Experience preparing and/or presenting reports and briefings is required.
- Leadership and ability to communicate situations to all levels including senior management is required
- Must be able to translate technical security concepts into lay terms
- Must be comfortable presenting in front of technical and non-technical audiences
- Ability to effectively work with people in other departments and/or outside of the enterprise
- Operational Technology Cyber risk management experience is strongly desired
- Knowledge of the function and operation of SIEM technologies such as QRadar, Splunk, LogRhythm, etc. is required
- SOAR / Automation experience strongly desired
- Familiarity with the MITRE ATT&CK framework is desired
- Experience with threat hunting and cyber intelligence is desired
- CISSP (Certified Information Systems Security Professional) and/or CISM (Certified Information Security Manager) certification desired but not required
The employing subsidiaries of Schwan’s Company are Equal Employment Opportunity Employers. All qualified applicants will receive consideration for employment without regard to disability, age, race, color, religion, gender, vet status, national origin or other protected class.
Job Type: Exempt Business Unit: Req #: 21003094