J

Cyber Security Analyst

Johnstone Supply Llc
Full-time
On-site
Portland, Oregon, United States

Johnstone Supply, North Americas leading wholesale distributor of HVACR equipment, parts, and supplies has a great opportunity for a Cyber Security Analyst to join our team. Over the last seven decades Johnstone has grown into the industry leader with over 450 distributor branches and 6 distribution centers throughout North America resulting in over $4 billion in annual sales. We work with some of the largest companies in the world, including Daikin/Goodman, Honeywell, Emerson, Johnson Controls, Google and Fujitsu, to provide contractors with world class products, technical expertise and quality service.

As a member of the IT Infrastructure team, the Cyber Security Analyst is responsible for reducing risk across Johnstone’s technology landscape.  Specific areas of focus are the planning and implementing of security measures to protect computer systems, networks, and data from loss and service interruptions. This position also contributes to the development of next generation projects to protect Johnstone’s systems and networks from cyber threats.

Now is the best time to join Johnstone Supply. The individual selected for this opportunity will play a key role in our cyber security operations, enhancing the company’s security posture, and serving as the go-to security expert for project development, compliance, and vendor management. This position may be based in our Dallas-Fort Worth, TX; or Portland, OR offices, and has a hybrid work schedule with at least 2 days spent working in-office.

Position responsibilities:

  • Supports daily Security Operations by using technologies to manage risk in the environment and designing upgrades of existing security infrastructure. 
  • Develops and defines system security and data management practices and procedures for IT infrastructure, services and applications.
  • Defines, and implements network and systems security controls, including encryption and authentication standards, access controls, anti-malware services, and updating critical services and equipment with recent and secure versions of software.
  • Acts as a lead contact for security related escalations and directs problem resolutions tracking remediation and preventative actions.
  • Acts as the technology security consultant on project development, support requirements and implementation of any new application or infrastructure.
  • Evaluates and makes recommendations on current processes, practices, or technologies that would enhance the company’s security health across all platforms.
  • Produces and communicates metrics for the Johnstone compliance against Corporate and Store Group security policies & procedures.
  • Maintains inventory and licensing software subscriptions and purchases as it relates to security programs 
  • Manages vendor relationships and deliverables for contracted service agreements for phishing and security programs.
  • Provides communication for awareness campaigns for Corporate and Store Group security programs.
  • Identifies opportunities for improving security efficiency of the applications, infrastructure and services by working with vendors, researching, testing, evaluating, and recommending solutions.
  • Maintains IT documentation for established Security Processes, Security Platform Architectures, Security Policies and technical information for the IT corporate security program
  • Administer testing/security controls based on software/hardware requirements, technical specifications and/or change control requests.
  • Continually adjust systems to optimize system performance and functionality; work with support groups to help perform root cause analysis of issues and identify solutions.
  • Performs systems management (server patching, maintenance, troubleshooting) as part of the Infrastructure Engineering team.
  • Participate in on-call rotation. 

Position requirements:

  • Bachelor’s Degree (B.S.) from a four-year college or university, preferably in Computer Science or Engineering; At least 5 years demonstrated work experience in information technology; At least 3 years of experience in Information Security or Network Security in an enterprise environment is required; or equivalent combination of education and experience.
  • Certificates related to Information Technology Security are preferred but not required for this role.
  • Knowledge and understanding of information technology systems and process:
  • Cyber Security Frameworks (NIST 2.0, PCIDSS, etc.)
  • A sound understanding of the OSI networking model
  • A sound understanding of the system processes and file execution
  • Working knowledge of IP networking protocols
  • Experience with Windows Server/Workstation 
  • Knowledge of security tool administration (e.g., firewalls, IDS, end-point protection, content filtering, IAM, DLP).
  • Knowledge of Cyber Security Operations (Monitoring, Detection, Incident Response, Forensics)
  • Ability to manage Windows Servers/Applications in an Enterprise including, but not limited to, Active Directory, DHCP, DNS, IIS, GPOs is required for this role. 
  • Ability to manage virtualization platforms is required (VMWare, Citrix).
  • Ability and experience securing systems in the Public Cloud environments, including Azure and AWS.
  • Ability to manage Palo Alto Firewalls.
  • Ability to perform troubleshooting (Networks, Applications, Databases, etc.) is required for this role.
  • Ability to implement and manage IAM solutions.
  • Ability to implement Vulnerability Management Systems.
  • Ability to work with and manage IPS, IDS, and IDPS systems and products is required for this role. 
  • Ability to apply expertise in risk assessment and mitigation is required for this role. 
  • Previous EDR and NGAV management experience. 
  • Knowledge of PCI Compliance requirements and attestation.
  • Ability to perform work within Linux systems and perform Pen-Testing is preferred, but not required, for this role. 
  • Skill in developing information security risk, security and privacy policies and procedures.
  • Ability to develop functional relationships from all levels of the company structure.
  • Analytical skills, problem solving skills and troubleshooting skills are required.
  • Skill in managing engagements with 3rd party vendor & partners.
  • Ability to work well independently and within a team setting.
  • Collaborative communication and task management skills.
  • Ability to document standard work instructions, process maps, and specifications.
  • Excellent written and verbal communication skills.

Johnstone Supply is strongly interested in hiring a great candidate that exhibits work behaviors & values that are conducive to building and maintaining a strong and effective company culture. These behaviors include:

  • Safety: Always prioritizes safety, both at work and at home, while ensuring those who work for you work safely.
  • Customer Focused: Take the perspective of those we serve, anticipate their needs, and responding quickly.
  • One Team: We win together by collaborating with each other, focusing on the common goal, and leveraging the strengths of the team.
  • Own It: Take the initiative, act with a sense of urgency and pride, do things right the first time, and always act with integrity.
  • Innovate: Embrace and create change that drives continuous improvement and customer-valued solutions.

Johnstone offers a competitive wage and benefits that include medical, dental, vision, life, LTD, 401(k) with company match, and PTO after 90 days. Our commitment to continuous improvement & investment in our people is only matched by our commitment to superior customer experience. If you are ready to take the next step in your career, apply now.

Visit our website https://www.johnstonesupply.com/our-history for more information about our growing company.

EOE & E-Verify Participating Employer. 

Apply now
Share this job
Twitter Facebook Linkedin Email