Standard Motor Products
IT - Senior Security Analyst
Standard Motor Products, Lewisville, Texas, us, 75029
Established in 1919 and traded on the NYSE, Standard Motor Products, Inc. (SMP) is a leading independent manufacturer and distributor of premium automotive replacement parts utilized in the maintenance, repair, and service of vehicles in the automotive aftermarket. Additionally, SMP provides customized solutions for vehicle control and thermal management products in diversified end markets represented by its Engineered Solutions segment.
Globally, SMP employs over 6,000 employees across nearly 40 manufacturing, distribution, and engineering facilities and offices located in North America, Europe and Asia. SMP sells its products primarily to automotive aftermarket retailers, program distribution groups, warehouse distributors, original equipment manufacturers, and original equipment service part operations in the United States, Canada, Europe, Asia, Mexico, and other Latin American countries.
Primary Responsibilities
Help lead a team of Security Analysts and provide guidance, mentorship, and support. Assess, design, document, and work with IT teams to implement security controls for critical applications and systems throughout the company network to meet security standards and best practice recommendations. Plan and schedule work with all areas of IT to ensure timely remediation of vulnerabilities based on security scans, penetration testing, or other means of detection of threats. Conduct thorough investigations of security alerts/incidents and provide detailed reports on findings and actions taken. Develop and implement security policies, procedures, and best practices to protect sensitive information and ensure compliance with regulatory requirements. Maintain and ensure annual updates of all security-related Infrastructure policies and procedures by working with the respective teams. Perform regular security audits, risk assessments, and vulnerability assessments to identify and mitigate potential security risks as well as ensure the effectiveness of security controls. Stay up-to-date with the latest cybersecurity trends, threats, and technologies. Reviewing email proxy phishing and spam queues. Provide guidance for tuning/adjustment of rules for the email proxy as needed. Develop, write, and maintain policies and procedures to ensure compliance with SOC 2, CIS Top 18, TISAX, and other relevant standards. Define rules for and assist with DLP system maintenance. Assist in overseeing 3rd party risk by communicating to vendors regarding mitigating discovered vulnerabilities. Lead incident response and assist with disaster recovery planning and execution. Monitor alerts and assess and improve on response plans based on the severity and applicability of the threat. Ongoing system maintenance, policy configuration changes, and patching. Participate in the recruitment and training of new team members. Participate in tabletop exercises within IT and operational areas. Other security tasks as needed.
Job Qualifications
Typically requires a bachelor's degree or its equivalent At least 4 - 7 years of security work experience. Experience in conducting security training and awareness programs. Proficiency in conducting risk assessments, vulnerability assessments, and penetration testing, or working with pentesting firms. Strong understanding of cybersecurity compliance frameworks, standards, and best practices (e.g., NIST, CIS, TISAX, OWASP, etc.) Experience configuring, maintaining, and auditing application systems security controls. Knowledge of system and network exploitation, attack vectors and pathologies, intrusion techniques, such as phishing, denial of service attacks, OWASP Top 10 vulnerabilities, malicious code/malware, ransomware, password attacks, etc. Experience with Next Generation Firewalls, Next Generation EndPoint Protection products, IDS/IPS, and web application firewall technologies. Experience with SIEM log centralization solutions. Knowledge of current Windows Server, Windows Workstation, Apple, Linux, VMware, and Active Directory environments. Knowledge of Directory Services (LDAP, AD) and Internet/Intranet architecture and design. Experience with Email Security, Web Security, and DLP products. Professional certifications such as CISSP, CISM, CEH, or equivalent are highly desirable. Excellent analytical, problem-solving, and communication skills. Standard Motor Products is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Other details
Job Family Information Technology Pay Type Salary
Apply Now
Globally, SMP employs over 6,000 employees across nearly 40 manufacturing, distribution, and engineering facilities and offices located in North America, Europe and Asia. SMP sells its products primarily to automotive aftermarket retailers, program distribution groups, warehouse distributors, original equipment manufacturers, and original equipment service part operations in the United States, Canada, Europe, Asia, Mexico, and other Latin American countries.
Primary Responsibilities
Help lead a team of Security Analysts and provide guidance, mentorship, and support. Assess, design, document, and work with IT teams to implement security controls for critical applications and systems throughout the company network to meet security standards and best practice recommendations. Plan and schedule work with all areas of IT to ensure timely remediation of vulnerabilities based on security scans, penetration testing, or other means of detection of threats. Conduct thorough investigations of security alerts/incidents and provide detailed reports on findings and actions taken. Develop and implement security policies, procedures, and best practices to protect sensitive information and ensure compliance with regulatory requirements. Maintain and ensure annual updates of all security-related Infrastructure policies and procedures by working with the respective teams. Perform regular security audits, risk assessments, and vulnerability assessments to identify and mitigate potential security risks as well as ensure the effectiveness of security controls. Stay up-to-date with the latest cybersecurity trends, threats, and technologies. Reviewing email proxy phishing and spam queues. Provide guidance for tuning/adjustment of rules for the email proxy as needed. Develop, write, and maintain policies and procedures to ensure compliance with SOC 2, CIS Top 18, TISAX, and other relevant standards. Define rules for and assist with DLP system maintenance. Assist in overseeing 3rd party risk by communicating to vendors regarding mitigating discovered vulnerabilities. Lead incident response and assist with disaster recovery planning and execution. Monitor alerts and assess and improve on response plans based on the severity and applicability of the threat. Ongoing system maintenance, policy configuration changes, and patching. Participate in the recruitment and training of new team members. Participate in tabletop exercises within IT and operational areas. Other security tasks as needed.
Job Qualifications
Typically requires a bachelor's degree or its equivalent At least 4 - 7 years of security work experience. Experience in conducting security training and awareness programs. Proficiency in conducting risk assessments, vulnerability assessments, and penetration testing, or working with pentesting firms. Strong understanding of cybersecurity compliance frameworks, standards, and best practices (e.g., NIST, CIS, TISAX, OWASP, etc.) Experience configuring, maintaining, and auditing application systems security controls. Knowledge of system and network exploitation, attack vectors and pathologies, intrusion techniques, such as phishing, denial of service attacks, OWASP Top 10 vulnerabilities, malicious code/malware, ransomware, password attacks, etc. Experience with Next Generation Firewalls, Next Generation EndPoint Protection products, IDS/IPS, and web application firewall technologies. Experience with SIEM log centralization solutions. Knowledge of current Windows Server, Windows Workstation, Apple, Linux, VMware, and Active Directory environments. Knowledge of Directory Services (LDAP, AD) and Internet/Intranet architecture and design. Experience with Email Security, Web Security, and DLP products. Professional certifications such as CISSP, CISM, CEH, or equivalent are highly desirable. Excellent analytical, problem-solving, and communication skills. Standard Motor Products is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Other details
Job Family Information Technology Pay Type Salary
Apply Now