Sundyne is hiring: IT Cybersecurity Analyst in Wheat Ridge

It's fun to work in a company where people truly BELIEVE in what they are doing Headquartered in Arvada, Colorado with operations and presence in Europe, the Middle East, India, Asia, Japan, and China, Sundyne is a global manufacturer of precision-engineered, highly reliable, safe, and efficient centrifugal pumps and compressors for use in chemical, petrochemical, hydrocarbon, hydrogen, pharmaceutical, power generation, and industrial applications. Sundyne is a leader in delivering precision-engineered and highly reliable pumps & compressors to many of the world's most important markets, including energy, chemical, industrial, carbon capture, clean hydrogen, and renewable fuels. Sundyne pumps and compressors are available in API, ANSI/ASME, ISO, and other industry-compliant designs. To learn more about the Sundyne family of precision-engineered pumps and compressors, please visit www.sundyne.com. Position Description Sundyne is seeking a Cybersecurity Analyst to be the primary driver and owner of Sundyne's entire Cybersecurity program. Responsibilities will be to assess Sundyne cybersecurity tools/controls, plan improvements, collaborate with internal and external staff on implementing improvements, and report status or progress to management. Job Duties & Responsibilities CIS/NIST Framework Perform ad-hoc and on-going assessments of Sundyne controls and compare to CIS/NIST Framework Identify gap areas or areas requiring additional improvements Discuss, plan, schedule, and implement changes in the Sundyne environment working with both internal staff and outsourced service providers to adhere to CIS/NIST framework Report to management on status, plan, schedule and future state Vulnerability Scanning / Penetration Testing Work with outsourced service provider to schedule and conduct vulnerability scans and penetration tests using existing tool(s) Review and assess findings with respective stakeholders Discuss, plan, schedule, and implement changes in the Sundyne environment working with both internal staff and outsourced service providers to reduce or mitigate identified vulnerabilities Report to management on status, plan, schedule and future state Other Cybersecurity Assessments/Certifications/Questionnaires Assist in conducting other cybersecurity assessments as required Review and/or complete various cybersecurity questionnaires on Sundyne's behalf when requested by 3rd parties Discuss, plan, schedule, and implement changes in the Sundyne environment working with both internal staff and outsourced service providers to reduce or mitigate identified vulnerabilities Report to management on status, plan, schedule and future state Use cybersecurity questionnaires as input into Sundyne cybersecurity program, to identify potential areas of improvement Create Sundyne's Cybersecurity questionnaire for completion by 3rd parties which have access to Sundyne IT or provide IT service to Sundyne Assist in the certification/re-certification of Cyber Essentials Plus certification (CE) Develop and execute a plan towards gaining ISO27001 certification for all Sundyne sites globally Develop and execute a plan towards gaining ISO 9001:2015 certification for all Sundyne sites globally Security Projects/Initiatives Research, plan, implement, project manage security projects or initiatives in the pursuit of increased Security Leverage all inputs to put together a holistic cybersecurity program for the organization Review and/or develop Incident response plans Tabletop exercises BCP/DR Plans Customer Notification Plans Assist other IT Security team members as needed Phishing Simulations Email & web filtering Span and Phishing email investigations IPS/IDS alert investigations SIEM alert investigations Review and oversee zero-day vulnerabilities Review or create policies, standards and procedures related to Cybersecurity topics. Skills & Abilities Ability to maintain multiple projects and initiatives at the same time Experience communicating and collaborating with multiple audiences at different levels - Individual Contributors to C-Level Executives Effective written and oral communication skills Ability to keep calm under pressure Strong planning, coordination, documentation and scheduling skills Customer Focused with a can-do attitude Experience working with or overseeing international outsourced service providers Some knowledge/experience with Batch, PowerShell, or other scripting languages Qualifications Cybersecurity Certifications, one or more of the below required CISSP - Certified Information Systems Security Professional CISA - Certified Information Systems Auditor CompTIA Security CASP - CompTIA Advanced Security Practitioner CEH - Certified Ethical Hacker CISM - Certified Information Security Manager SSCP - Systems Security Certified Practitioner GCIH - Global Information Assurance Certification Certified Incident Handler GSEC - Global Information Assurance Certification Security Essentials Certification OSCP - Offensive Security Certified Professional Completed Bachelor Degree in Computer Science, IT Security, Cybersecurity or equivalent required 7-10 years' experience in IT with a focus on Identity Management and Security required Security Apps/Products, expert level in one or more of the below tools or products preferred Active Directory/Azure Active Directory Qualys Crowdstrike Colortokens BluSapphire O365 Cloud App Security Azure Security Cisco ASA Cisco ISE Meraki Cisco Umbrella Certificate based Authentication & Encryption Ability to showcase experience in improving cybersecurity standards across the board using CIS/NIST Framework If you like growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us LI-KD1 LI-Remote If you like growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us Compensation Details Annual Salary: $110,000.00 - $135,000.00 Additional Compensation Salary Range for this position: $110k-$135k (the salary offered will be determined based on the applicant's education, experience, skills, knowledge, abilities, and will be compared with internal equity along with market data for this position). Application Deadline: 2025-02-11