The Greenbrier Companies, Inc. Senior IT Security Administrator in Lake Oswego, Oregon
At Greenbrier, we do the hard work that matters. The Greenbrier Companies (NYSE: GBX) is a leading designer, manufacturer and supplier of freight rail and marine transportation equipment and services, powering the movement of products around the world. Greenbrier's innovation and engineering expertise pairs with our capacity to build and repair freight transportation equipment. This allows us to provide an unrivaled level of service to our customers across the Americas, Europe and countries of the Gulf Cooperation Council. Greenbrier also provides asset management services and a unique railcar leasing syndication platform that brings us into contact with the world's leading fixed asset investors.
Greenbrier's heritage of hard work and industrial innovation is celebrated at every level of our organization. We structure our business to support teams that deliver innovative solutions for our customers and positively impact the world around us.
The IT Security Administrator is responsible for supporting the goals, strategy and methodologies of the Greenbrier IT Security team in alignment with regulatory compliance requirements, policies, and risk management standards. The Senior IT Security Administrator performs security services to include access control functions, audits, data analysis, software/systems security validations, and vulnerability management. This function works to protect corporate data and assets by employing appropriate security tools, processes and policies.
The Senior IT Security Administrator plays a key role in enabling operations in today's connected environment. This role is critical to the company's success and its ability to transact, communicate, operate and partner with customers and business.
Primary responsibilities and essential functions:
Support alignment of controls between Compliance, Security, and operations, in support of The Greenbrier Company's security goals.
Assist with development, implementation and on-going maintenance of security policies and procedures.
Monitor, and direct policy for firewalls, enterprise antivirus systems, filters and data leakage prevention systems and processes.
Monitor security logs from various systems; provide investigative actions, denote anomalies and escalate security violations including documentation and reporting of events and preventive actions.
Monitor and direct the; provisioning of Internal/External User setup and activation, user and permission changes, using defined Identity and Access Management/Role Based Access Control (IAM/RBAC) processes and tools.
Develop and maintain incident response procedures to include continuous improvements, and respond to incidents as part of a team and lead efforts to; remediate, restore and report.
Support acquisition integrations from security, user provisioning and data protection perspective
Assist with Development of end to end security and data protection process documentation utilizing standard tool sets that serve as a foundation for test scripts, training materials and business communications.
Provide second-level security support proactively with members of other IT teams and the various business units.
Develop, publish and utilize security and data protections standards and policies; enforce and audit adherence to published standards and policies
Support the assessment of system and network vulnerabilities through periodic penetration testing and coordinate with internal and external entities to validate and remediate using test results.
Contribute to the overall health of Greenbrier's information technology environment through creative input
Required Experience and Minimum Qualifications:
Bachelor's Degree in Computer Science, Information Technology, or equivalent education/experience.
Minimum 5 years' experience in I/T systems security administration
Experience with audit and compliance rules of a public company
Active participation is ISSA, ISACA or other organizations to keep current is a plus
CISA (Certified Information Security Manager)
GIAC: Global Information Assurance Certifications -- Security Essentials
CISSP: Certified Information Systems Security Professional
CISSP-ISSAP: Architectural Professional --or--other recognized certifications
Solid understanding of Active Directory and AD Group Policies
Experience with security Information Event Management (SIEM)
Identity and Access Management
Expertise with Network Equipment, Firewalls, Load Balancers, Application Proxy Firewalls
Web and Email Filtering
Remote Access Technology
Intrusion Detection / Prevention Systems
Anti-Virus / Anti-Malware
MS Windows Server Administration
Familiarity with SOX security controls
MS SharePoint Security
Penetration testing tools and processes
Security vulnerability analysis and test tools
Scripting and/or software programming tools
Must have excellent verbal communication skills
Above average listening skills
Ability to relate technical issues to non-technical people as required
Ability to write clearly and concisely
Strong analytical and problem solving skills are required.
Time management skills and capacity
Ensures Greenbrier complies with audit requirements (Sarbanes Oxley, SOC1, HIPAA, NIST CSF, or other similar frameworks)
Track record of being a team player
Collaborates with others on work and problem resolution
Good planning skills
Company: Greenbrier Leasing Company LLC
Functional Group: Information Technology