Auto req ID: 15864
Title: Sr. IT Security Analyst, CISSP – Remote
Job Function: Information Technology
Company: Harley-Davidson Financial Services
Full or Part-Time: Full Time
At Harley-Davidson, we are building more than machines. It’s our passion and commitment to continue the evolution of this storied brand, and heighten the desirability of the Harley-Davidson experience. To keep building our legend and leading our industry through innovation, evolution, and emotion we need the best and brightest talent. We stand for the timeless pursuit of adventure. Freedom for the soul. Are you ready to join us?
We maximize employee flexibility and well-being through a virtual mindset that supports our highly distributed, global workforce. We take an outcome-focused, people-centered approach to winning, including welcoming the best talent – wherever they may be.
This remote role is not tightly linked to a physical location and provides flexibility in where, when and how you accomplish your work.
The Senior Analyst Security is responsible for working with the detect, respond and recover team protecting our legendary brand. This role will work within a variety of security disciplines including, red/blue team exercises, threat hunting, vulnerability management, design, architecture, technical service management, and service operation functions as appropriate in cybersecurity disciplined fields. The Senior Analyst Security will contribute and participate in Disaster Recovery and cyber recovery activities, and work on a team accountable for Incident Response. Our organization leverages the NIST Cyber Security Framework and works well in a cross functional environment. This role is a technical, cybersecurity role, and will actively work on complex technical scenarios across an international audience to arrive at a resolution via a methodical standardized process, and provide detailed technical cybersecurity support to peers, other members of the Digital Office (DO) and business stakeholders alike. The Senior Analyst Security will work across a variety of critical business domains including consumer, dealer, corporate and industry lines such as manufacturing, financial services, and general merchandise, etc.
- Generalist within the Detect/Respond/Recover NIST CSF domains
- Assist in maintaining a secure enterprise environment across the HDI technical landscape; leverage specific or broad in-depth technical skillsets to achieve this outcome
- Manage outcome-based delivery model via outsourced partner leveraging technical leadership to pre-defined desired service operations outcomes
- Demonstrate understanding and ability to apply cyber security best practices, understand common issues and remediation techniques leveraging systematic approach (MITRE ATT@CK, OWASP top 10, NIST CsF, etc.)
- Knowledge of the best available tools, software, threat hunting techniques, red/blue team member, pen testing, applications and systems for maintaining best-in-class security environment status
- Demonstrate expertise with security and information system life cycle methodologies, including remediation of cyber security issues, as well as audit risk mitigation activities
- Communicate clearly, diplomatically and effectively at all levels of the organization and to audiences with varying degrees of process and technical knowledge
- Assist with security testing and vulnerability management across various technical mediums
- Execute tasks in a high-pressure environment and multi-task | Experience working in a team-oriented, matrixed, collaborative environment while using analytical and problem-solving skills.
Bachelor’s Degree Preferred
- Bachelor Degree in computer science, MIS, Information Systems or Services is Preferred.
- Certified Information Systems Security Professional (CISSP) (within 12 months of employment)
- 3-5 years active cyber security domain experience
- Hands on experience and proficiency in various cybersecurity tools that are common across the information security industry
- Candidates that have multiple cyber security domain competencies to build in a matrixed environment
- Previous Information Technology experience a plus (network, storage, infrastructure/cloud, etc.)
- In-depth knowledge of common network cyber security tools/technologies to support the information security program
At Harley-Davidson it is not just about the degree you have or what you know. You must also exhibit and demonstrate our valued behaviors in everything you do.
Fair, Honest, Positive and Creative (FHPC) is our moral compass and will help guide us to do better as we rewire the company and look to our future. The essence of our Valued Behaviors and our Code of Business Conduct boils down to being FHPC.
Harley-Davidson is an equal opportunity employer that continues to build a culture of inclusion, belonging and equity through our commitment to attracting and retaining diverse talent from all backgrounds, without regard to race, color, religion, sex, sexual orientation, national origin, gender identity, age, disability, veteran status or any other characteristic protected by law. We believe in fairness and providing a level playing field for all. We foster a culture that thrives on diverse perspectives and contributions to ignite the creativity and innovation to fuel our business and enhance the employee and customer experience.
We offer an inclusive compensation package for all full-time salaried employees including, but not limited to, annual bonus programs, health insurance benefits, a 401k program, onsite fitness centers and employee stores, employee discounts on products and accessories, and more. Learn more about Harley-Davidson here.
Applicants must be currently authorized to work in the United States.
Direct Reports: No
Travel Required: 0 – 10%
COVID-19 Vaccine Required: No
Visa Sponsorship: This position is not eligible for visa sponsorship
Relocation: This position is not eligible for relocation assistance
- Address Plano, Texas
- Experience Level Junior
- Total Years Experience 0-5