IT Cyber-Security Analyst

Founded in 1948, Norco is headquartered in Boise, Idaho and has more than 70 branches in Idaho, Montana, Oregon, Nevada, Washington, Utah and Wyoming. As a family and employee owned company we operate the nation's largest independent gas manufacturer/distributor of welding, safety, medical equipment and supplies. Norco is proud to be among the thousands of privately-owned businesses nationwide that offer their employees a meaningful stake in the business through employee stock ownership (ESOP).

At Norco we share a common mission: "Serving You Better." Treating customers, suppliers and each other with respect and dignity is our top priority. We work hard every day to serve others and create rich lives for our employees, their families, and the communities where we work and live.

Norco, Inc. is currently offering a signing bonus of $1,500.00 for this position. Details of the signing bonus can be discussed during the interview. (Applies to full-time direct new hires only)

The Cyber-Security Analyst position is primarily responsible for monitoring, identifying, analyzing, and responding to cyber security threats to the Norco Network and systems from cyber-attacks. This involves researching IT trends, creating contingency plans, reviewing suspicious activities, reporting security breaches, and education of Norco staff on security measures, procedures, and policies. The Cyber-Security Analyst will work closely with other NorcoIT professionals implementing threat protection and security controls within the entire organization.

Other responsibilities include, but are not limited to:

• Monitor, identify, analyze, and respond to cyber security threats.
• Train employees in security awareness and emerging technologies in respect to cyber security
• Support implementations and projects to cyber security requirements.
• Act as a trusted security advisor for business and IT supporting them in their daily operation and in achieving their objectives.
• Conduct and/or coordinate IT security risk assessments for technology and security frameworks.
• Facilitate multiple stakeholders to agree on appropriate solutions and verify that security risks are mitigated appropriately. Verify that required security controls are baked into new products.
• Perform deep dives on information security-related processes and systems.
• Identify system limitations that could lead to regulatory risks and provide guidance for resolution and risk mitigation.
• Stay abreast of innovative business and technology trends in IT security, risk, and controls and advise leadership on technology initiatives.
• Partner with key stakeholders to define and implement new IT security requirements within supporting systems.
• Carry out risk assessments and gap analysis of multi-networks and cloud environments using compliance standards and frameworks such as PCI DSS, CJIS, and NIST
• Create, manage, and enforce compliance requirements for system, business process and information systems and assist in development of the organization’s cybersecurity compliance program.

• Bachelor's degree in computer science, information systems, or related fields or related experience.
• 3 years of experience working on or with security teams.
• Experience with implementing 802.1x on wired and wireless networks.
• Knowledge of Active Directory, DNS, PKI, SAML, TLS.
• Experience securing large scale, multi-site networks.
• Experience with secure remote access/WAN technologies (ipsec, VPN, etc)
• Experience deploying web application firewalls (ideally AWS)
• Experience installing security controls- for example WAFs (web application firewall)
• Familiar with most common exploited CVEs and remediation methods
• Strong knowledge of security topics including network and application security, infrastructure hardening, security baselines, and web server / database security.
• Hands-on experience working in an agile security team and can point to your impact in how you’ve helped improve security posture, preparedness, or maturity.
• Knowledge of network-based and system-level attacks and mitigation methods

Norco offers a competitive compensation/benefit package, including:

• Employee Stock Ownership Plan (ESOP)
• Health, Vision and Dental Insurance
• Health Savings Account (HSA)
• Medical and Dependent Care Flex Accounts (FSA)
• Life Insurance provided at no cost to employee by Norco through United Heritage
• Supplemental Accident, Disease, and Life Insurance through Colonial Life Insurance
• Employee Tuition Reimbursement
• 401(k) with Employer Matching
• Wellness Program
• Employee Discount on products sold by Norco

Norco, Inc is an Equal Opportunity/Affirmative Action Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Norco, Inc is a Drug-Free workplace.