Cybersecurity Analyst

American Rheinmetall•Auburn Hills, MI

10h•Hybrid

About The Position

American Rheinmetall is a leader in the design, development, and production of advanced tracked and wheeled vehicles, vehicle systems, and critical components that support U.S. military modernization. Our expertise spans electronic and mechanical systems, fabricated structures, armored products, rubber solutions, and track systems, delivering reliable innovation to both defense and commercial markets. As part of the global Rheinmetall family, we combine proven heritage with forward-looking technology to provide solutions that defend and feed the world. The Cybersecurity Analyst role will focus on threat intelligence and will be expected to manage various technologies at an advanced or expert level. The analyst is responsible for information security policy development and maintenance; coordinates the investigation and reporting of security incidents; works with auditors and examiners to ensure the network and systems are secure and meet regulatory guidelines; monitors and assesses the organization’s information security and makes recommendations for improvement; and schedules/performs periodic penetration tests, vulnerability assessments, and risk assessments. There will be expectations to work non-traditional hours to support such duties. This person can work at our Lansing or Auburn Hills location.

Requirements

Bachelor’s degree in cybersecurity or related STEM field with 1-2 years related experience and/or training.
Must undergo and meet company standards for background check, employment verification, reference checks and controlled substance testing.
Extremely familiar with NIST 800-171

Nice To Haves

Basic knowledge of security risks & strategies, SIEM, antivirus, proxies, firewalls, and intrusion detection concepts, tools, and processes.
Knowledge of CMMC preferred
Experience working with Linux Systems and cybersecurity best practices.
Experience with Fortinet equipment and security certifications such as Security+, CISSP, CEH, OSCP, etc. is desired, but not required.

Responsibilities

Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures)
Review logs and reports of all in-place devices and interpret the implications of that activity and devise plans for an appropriate resolution.
Participate in investigations into problematic activity.
Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
Assist in ensuring that the Company is up to date with the latest security standards, patches, network protocols and products.
Recommend improvements to the current security posture.
Identify areas where controls are lacking or inadequate.
Assist in preparing the organization to respond to possible security incidents and breach.
Research security architecture, security technologies and security solutions.
Understand current infrastructure and network architecture.
Assess current security controls.
Identify operational configurations of workstations as per the established baselines and take actions to remedy misconfigurations.
Investigate potentially harmful emails and take actions to ensure that the threat is neutralized.
Identify sensitive data locations and make suggestions for safeguarding said data.
Be familiar with NIST 800-171 and the CMMC and apply standards.
Identify areas in which the company must follow NIST 800-171.
Assist in implementing or upgrading solutions pertaining to NIST compliance.
Identify areas that the company needs to improve on for the CMMC.
Assist in scheduling and leading Vulnerability Assessment meetings, Risk Assessment meetings, NIST compliance meetings, CMMC task meetings, or any other security related meetings.
Train/mentor quality techs