-
Senior Enterprise Vulnerability Analyst
- Graphic Packaging International, LLC (Atlanta, GA)
-
Senior Enterprise Vulnerability Analyst
Requisition ID: 11599
Location:
Atlanta, GA, US, 30328
Department: Information Technology
Travel: Up to 25%
If you are a GPI employee, please click the Employee Login before applying. (https://graphicpact2test.valhalla55.stage.jobs2web.com/)
At Graphic Packaging International, we produce the paper cup that held your coffee this morning, the basket that transported those bottles of craft beer you enjoyed last weekend, and the microwave tray that heated your gourmet meal last night. We’re one of the largest manufacturers of paperboard and paper-based packaging for some of the world’s most recognized brands of food, beverage, foodservice, household, personal care and pet products. Headquartered in Atlanta, Georgia, we are collaborative, diverse, innovative individuals who create inspired packaging while giving back to our communities.
With over 25,000 employees working in more than 130 locations worldwide, we strive to be environmentally responsible in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry’s best to reward the talented people who make our company successful.
If this sounds like something you would like to be a part of, we’d love to hear from you.
A World of Difference. Made Possible.
MISSION / SUMMARY:
Enterprise Vulnerability Management covers server, cloud, workstations, applications, appliances, and mobile devices to ensure all risk mitigation activities are performed in a timely manner to de-risk and protect Graphic Packing International’s enterprise assets from cyber-threats.
The primary mission includes evaluating security vulnerabilities, assessing risk and impact, to protect GPI from internal and external threat vectors. Utilization of a host of GPI operational and cyber tools to discover, prioritize and automate methods towards vulnerability management tasks.
Primary Responsibilities
The Enterprise Vulnerability Analyst will be responsible with assisting the continual development and growth of the Enterprise Vulnerability Management, or EVM, program. This role will be collaborating with cross-functional and technical teams in a global, matrixed environment with the goal to de-risk GPI. Additional activities will include revising existing documentation and process models as well as assisting in the implementation of new, innovative methodologies of vulnerability management as necessary.
The analyst must be technically competent being capable of identifying process, security, and general technical gaps could cause security events and follow defined procedures for mitigating threats.
+ De-risk the GPI enterprise utilizing tools that make up the GPI Operational Stack including but not limited to Qualys, ServiceNow, SCCM, and Sentential One
+ Detection and reporting of all vulnerabilities (including misconfigurations) in all environments such as production & non-production, including but not limited to network, servers, databases, application, and workstations)
+ Collaborate with cross-functional, global organizations including IT Service Owners, managed service providers, shared services, and internal business partners
+ Deep dives into vulnerability findings to determine EOL/EOS services and operating systems, following through to ensure service remediation or operational risk exceptions are documented and reported
+ Triage vulnerabilities and application findings to determine required patching, remediation, and prioritization
+ Driving process excellence in the enterprise vulnerability management space performing in a matrixed environment across governance teams
+ Engage with department leaders, project managers, software development, and lines of business to acquire support and evaluate all changes
+ Serve as change agent by leading successful process improvement practices, diagnosing barriers to Enterprise Vulnerability Management success, facilitating resolutions as appropriate
+ Apply industry best practices to maximize efficiencies and achieve adherence to diverse program policy guidelines
+ Drive a regular cadence with stakeholders to gain a holistic perspective of the current state of VM and Patch Management operations
+ Assist with the determination and the scope of the program
+ Provide technical knowledge to operations and various support teams
+ Continually enrich the data quality of ServiceNow and the CMDB
+ Prepare and maintain technical documentation of VM program including requirements, SOP’s, architecture designs, network topology, applications, and application security designs
+ Make strategic decisions based upon status reports to related to VM metrics, KPI’s, trending, and compliance
+ Collaborate on information security policies, standards, and baselines and contribute efforts to measure compliance
+ Collaborate on and provide EVM results and metrics for consistent reporting for governance purposes; collaborate and coordinate remediation plans and activities
+ Help develop a long term EVM strategy that will address global information security needs (current state, gaps, and opportunities)
DESIRED SKILLS:
+ Understanding the nature of a complex, matrixed, global enterprise environment, where the coordination of the various business and technical teams’ timelines, is paramount for execution and success in this role
+ Ability to indirectly influence others to accomplish goals and objectives
+ Strong communication & organizational skills
+ Certification in Qualys Guard
+ 5-7 years Vulnerability Management and or SecOps background
+ 5-7 years ServiceNow experience or similar ITSM tools
+ 3-5 years SCCM administration, package development & deployment
+ 3-5 years of project management experience
+ Strong ITIL framework methodology, governance policies, and associated processes
+ Large Enterprise experience with a >25,000 userbase
+ Proven success in a highly matrixed environment
+ Strong track record of team development and management skills
BACKGROUND / EDUCATION/ EXPERIENCE:
+ Bachelor’s degree in Information Technology or related field, or proven IT professional record
+ Successful track record of collaboration with teams that deliver on operational priorities
+ Demonstrated API integration, Active Directory, LDAP, JAMF, SCCM experience
+ Experience providing on-site and remote technical support for IT infrastructure and end user services
+ Strong written and verbal communication skills across a broad range of personnel across all business functions. Experience in a manufacturing environment desirable
+ Experience in a 24/7 high-availability multi-site enterprise environment that includes infrastructure and application hosting, version control, security management, and information protection
+ Ability to work in a virtual global team environment across all time zones
GPI’s Benefit Program
+ **Competitive Pay**
+ **401(k) w/employer matching**
+ **Health & Welfare Benefits**
+ **Medical, dental, vision, and prescription drug coverage**
+ **Short and Long-Term Disability**
+ **Life Insurance**
+ **Accidental Death & Dismemberment (AD&D) Insurance**
+ **Flexible Spending and Health Savings Accounts**
+ **Various Voluntary benefits**
+ **Adoption Assistance Program**
+ **Employee Discount Programs**
+ **Employee Assistance Program**
+ **Tuition Assistance Program**
+ **Paid Time Off + 11 paid company holidays each year**
Applicants will be accepted on an ongoing basis and there is no deadline.
This role is incentive plan eligible. Additional information will be shared during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, knowledge, skills, past experience, job duties, geography, and business need, among other things.
Graphic Packaging is an Equal Opportunity Employer. All candidates will be evaluated on the basis of their qualifications for the job in question. We do not base our employment decision on an employee's or applicant's race, color, religion, age, gender or sex (including pregnancy), national origin, ancestry, marital status, sexual orientation, gender identity, genetic identity, genetic information, disability, veteran/military status or any other basis prohibited by local, state, or federal law.Click here to view the Poster, EEO is the Law. (http://performancemanager4.successfactors.com/Graphicpkg/SF\_eeo\_is\_the\_law\_federal\_poster.pdf)
**Nearest Major Market:** Atlanta
-
Recent Jobs
-
Senior Enterprise Vulnerability Analyst
- Graphic Packaging International, LLC (Atlanta, GA)
-
Customer Service Representative II/III
- ProAmpac Holdings, Inc. (Wrightstown, WI)
-
Manufacturing Operator
- Staff Management | SMX (Redwood City, CA)
-
Clinical Pharmacology and Pharmacometrics Intern Summer
- J&J Family of Companies (Spring House, PA)