Information Technology & Operational Technology Security Analyst

Job Summary:

The Information Technology (IT) & Operational Technology (OT) Security Analyst plays a critical role in safeguarding the digital infrastructure of our organization. This individual will spearhead security measures across the IT and OT environments, while collaborating with diverse teams to assess risks, develop policies, and deploy advanced technologies. The IT & OT Security Analyst will be responsible for identifying vulnerabilities, responding to incidents, and enhancing the Company’s security posture. By staying abreast of emerging security trends and technologies, this individual will continuously evolve the organization’s security framework to effectively mitigate risks and maintain compliance with regulatory standards.

Essential Functions, Duties, & Responsibilities:

·         Maintains accurate documentation of security implementations, maintenance, security incidents, investigations, and remediation efforts for reporting and analysis purposes.

·         Aids in technological upgrades, enhancements, and significant alterations to the information security framework.

·         Assists with periodic penetration tests and risk assessments of IT & OT systems to identify vulnerabilities, potential security risks and delivers results to management.

·         Supports with the development and implementation of security policies, key performance indicators (KPIs), procedures, and best practices for both IT & OT environments.

·         Monitors network traffic, devices, and security logs for signs of unauthorized access or suspicious activity.

·         Coordinates with IT teams, stakeholders, and vendors to deploy and maintain security solutions such as firewalls, intrusion detection systems, and antivirus software.

·         Responds to security incidents and breaches in a timely manner, following established incident response protocols and procedures.

·         Utilizes security software to secure both IT & OT assets from vulnerabilities, viruses, malware, and ransomware.

·         Provides support and assistance with internal and external security audits.

·         Develops and conducts security awareness training for the organization’s employees to promote cybersecurity best practices.

·         Collaborates with cross-functional teams to ensure compliance with regulatory requirements and industry standards.

·         Stays current on emerging cybersecurity threads, technologies, and trends to assist with recommendations of proactive measures to mitigate risks for the organization.

·         Partners with IT & OT vendors to maintain cybersecurity solutions.  

·         Offers technical expertise and guidance to stakeholders on security related matters.

·         Responds to relevant service requests received from end users.

·         Performs other duties as assigned.

Knowledge, Skills, & Abilities:

• Strong written and verbal communication skills.
• Exceptional interpersonal skills with the ability to collaborate with stakeholders at different levels of the organization.
• Ability to work independently with minimal supervision and adept at collaborating seamlessly across cross-functional teams.
• Excellent analytical and problem-solving skills with the ability to assess data quality and identify opportunities for improvement.
• Skilled in efficiently managing multiple priorities, concurrent projects, and the flexibility to adapt to change to ensure all deadlines for deliverables are met.
• Thorough understanding of Center for Internet Security (CIS) controls and National Institute of Standards & Technology (NIST) frameworks.
• Demonstrated knowledge of the International Society of Automation (ISA)/IEC 62443 and current best practices.
• Experience with Security Information and Event Management (SIEM) systems, Intrusion Detection and Prevention Systems (IDPs), and log analysis.
• Steadfast understanding of authorization methodologies, network protocols, encryption, firewalls, antivirus, and access control mechanisms.
• Stays informed of trends and common cyber threats to IT & OT environments.
• Possess a comprehensive understanding of Virtual Local Area Networks (VLANs), network segmentation, and wireless networking.
• Expertise with utilizing Manage Engine, Rapid7, Proofpoint, KnowBe4, Splunk, CrowdStrike, Claroty, ThreatLocker or similar IT and cybersecurity solutions is preferred.  
• Proficient with Microsoft (MS) Suite (Word, Excel, PowerPoint, Teams, Outlook etc.) and Microsoft Active Directory Administration.

Education & Experience:

·         Bachelor's degree in Information Technology, Computer Science, or a related field is required.

·         Minimum of 2-5 years of experience in prior IT roles, with a focus on Information Security, Network Engineering, Systems Administration, and/or Site Administration.

• Familiarity with Operation Technology (OT) Devices such as Programming Logic Controllers (PLCs) and Supervisory Control & Data Acquisition (SCADA).
• Experienced with managing and administering Multi-Factor Authentication (MFA), Privilege Access Management (PAM), or related IT security practices required.
• Possessing certifications in Information Systems Security Professional (CISSP), CompTIA Cybersecurity Analyst (CySA ), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), and or Cisco Certified Internetwork Expert (CCIE) is highly desired. 
• Prior work experience in industries such as Manufacturing, Food Manufacturing, or Retail is preferred.
• At least one year of experience working with manufacturing engineers and or plant maintenance is a plus.

Working Conditions:

·         Office and Plant work environments. Possibility of being exposed to varying conditions in the Plant setting, such as cold areas, warm areas, chemicals, loud noise levels, and other site conditions.

·         Work in office environment revolves around us of telephones, personal computers, and printers.

·         Seldom to occasional lifting of less than 25 pounds.

·         May require standing greater than 1/3 of the day.

·         Ability to collaborate virtually with stakeholders across multiple time zones.

·         Willingness and ability to travel up to 25% of the time.

The statements herein are intended to describe the general nature and level of work being performed by employees and are not to be construed as an exhaustive list of what is required of personnel so classified.  Furthermore, they do not imply or establish a contract for employment and are subject to change at the discretion of the employer.

Butterball, LLC is an equal opportunity employer and is committed to the fair and impartial treatment of all employees and applicants for employment without regard to gender, age, race, religion, color, national origin, physical or mental disability, military/veteran status, sexual orientation, gender identity and expression, genetic information, marital status, parental status, pregnancy, or any other status protected by law. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.