TE25P5 Lead Security Analyst

CAS uses intuitive technology, unparalleled scientific content and unmatched human expertise to help companies create groundbreaking innovations that benefit the world. As the scientific information solutions division of the American Chemical Society, CAS manages the largest curated reservoir of scientific knowledge, and for 115 years, has helped innovators mine, assess and apply that information to keep businesses thriving. The CAS team is global, diverse, endlessly curious and strives to make scientific insights accessible to innovators worldwide.

CAS is currently seeking a Lead Security Analyst. This position will be located in our headquarters in Columbus, Ohio.

Job Summary:

This role is responsible for implementing and maintaining core security platforms, deploying and managing security tooling, and driving enhancements across endpoint, identity, network, and email security. You will build automation for detection and response, define high fidelity detections and playbooks with SOC/IR, and remediate gaps from incidents and pentests.

Job Accountabilities:

• Implement and maintain core security platforms: EDR/XDR, SIEM/SOAR, CSPM, vulnerability management, identity provider/SSO application onboarding, etc.
• Deployment and management of security agents and tooling.
• Recommend and implement strategic security enhancements to the following areas of focus: EDR/XDR, SIEM/SOAR, IGA, Network Security, and Email Security.
• Develop and lead efforts to implement automations for detection, response, and control enforcement (e.g., Python, PowerShell, Lambda/Functions).
• Define and implement high-fidelity detections and response playbooks with SOC/IR.
• Close gaps identified by incidents and pentest exercises.
• Lead proof-of-concept and vendor evaluations; build strong cross-functional relationships.
• Advises and influences stakeholders on security controls, threats, and the risk/benefit of proposed solutions to ensure alignment with organizational objectives.
• Proactively works with partners and suppliers to achieve objectives on time and within budget.
• Collaborates with partners/suppliers to build enterprise class solutions, respond to issues/threats, and/or communicate to stakeholders.
• Actively engages in the greater Information Security and privacy community (e.g. peer groups, seminars, conferences, etc.) to help identify new technologies, new techniques and new partners. Demonstrates a positive, proactive and thought leadership attitude to CAS and the greater security community.
• Mentor and provide guidance to less experienced team members.
• Other duties as assigned

Qualifications:

• 12 or more years in security engineering or adjacent roles (infrastructure, cloud, etc.), including 2 or more years in a senior/lead capacity.
• Bachelor's degree in Computer Science, Management Information Systems, Computer Engineering, Information Security or equivalent is required.
• Hands-on expertise with at least three of the following: cloud security (AWS/Azure/GCP), identity security (Azure AD/Entra, Okta), endpoint security (EDR/XDR), SIEM/SOAR, CSPM/CNAPP, secrets management, PKI, vulnerability management, WAF/application security, container/Kubernetes security
• Proficiency in scripting/automation (Python, PowerShell, Bash).
• Strong understanding of networking, IAM, and email security.
• Advanced level knowledge of industry standard security domains.
• Working knowledge of core network and systems administrator protocols.
• Experienced with Windows, Mac and Linux operating systems.

Technical Qualifications:

• Industry certifications (e.g. CISSP, CEH, Security +, CRISC, CISM, etc.).
• Experience with CIS Critical Controls, NIST CSF and ISO 27001 frameworks.

Other Qualifications:

• Strong interpersonal, written, and verbal communication skills
• Demonstrated experience working with a team to solve technical problems.
• Ability to focus on and achieving results.
• Demonstrated reliability and follow through on commitments and assignments.
• Demonstrate professionalism and courtesy in all interactions.
• Work well under pressure (i.e., a critical system is down)
• Able to work independently and as part of a team.

CAS offers a competitive salary and comprehensive benefits package, including a generous vacation plan, medical, dental, vision insurance plans, and employee savings and retirement plans. Candidates for this position must be authorized to work in the United States and not require work authorization sponsorship by our company for this position now or in the future. EEO/Disabled/Veteran