Cybersecurity Professional

Carpenter Technology Corporation•Raleigh, NC

About The Position

Carpenter Technology Corporation is a leading producer and distributor of premium specialty alloys, including titanium alloys, nickel and cobalt based superalloys, stainless steels, alloy steels and tool steels. Carpenter Technology’s high-performance materials and advanced process solutions are an integral part of critical applications used within the aerospace, transportation, medical and energy markets, among other markets. Building on its history of innovation, Carpenter Technology’s wrought and powder technology capabilities support a range of next-generation products and manufacturing techniques, including novel magnetic materials and additive manufacturing. Cybersecurity Professional – Raleigh, NC; Reading, PA; Tanner, AL

Requirements

Associate’s degree in computer science or related field and 3 years of related experience or 2 years of related experience with advanced certification (i.e., CISSP, Security+, or GSEC) required.
Bachelor’s degree in computer science or related field and 2-4 years of related experience or 1-3 years of related experience with advanced certification (i.e., CISSP, Security+, or GSEC) preferred.
Master’s degree in computer science, cybersecurity, or related field with demonstrated ability to perform full responsibilities preferred.

Nice To Haves

Broad understanding of Information Technology.
Advanced knowledge of multiple security domains and common security controls.
Familiarity with common hacking techniques (e.g., malware, phishing, etc.) and effective counter measures.
Adoption of security best practices and industry standards (e.g. NIST, ISO, CIS, COBIT, OWASP, etc.).
Hands-on operation of cybersecurity infrastructure (e.g., Firewalls, Intrusion Detection, AV, PKI, Encryption, etc.) and configuration experience.
Security Incident Response including preparation and continuous process improvement.
IT Audit or Compliance testing.
Multi-task and manage demands of multiple projects, incidents, and tasks.
Meet deadlines and manage changing priorities.
Perform effectively both independently and in a team environment.
Strong collaboration skills and comfortable working in a team environment.
Manage stressful situations associated with cyber-attack.
Influence fellow technical staff regarding security, compliance, and risk.
Identifies opportunities for improvement and makes constructive suggestions for change.
Perform research and communicating findings to technical and non-technical audience.

Responsibilities

Contributes as needed with Identity and Access Management (IAM) duties including user account provisioning, password vaulting, periodic access review, and encryption key management.
Assists with cyber-threat monitoring and Security Operations Center (SOC) duties.
Performs daily security operations duties including handling service requests from Business and IT teams.
Updates standard operating procedures and as-built documentation.
Monitors key security intelligence feeds and escalates relevant risks.
Provides security awareness training (e.g., Phishing Email simulations) and security policy consultation (e.g., password requirements).
Routinely publish performance and Governance, Risk, and Compliance (GRC) metrics.
Tests effectiveness of security controls independently as well as collaboratively with Internal Audit.
Performs all other duties and special projects as assigned.