Acco Brands - Lake Zurich, IL
posted 3 months ago
ACCO Brands is seeking a talented individual to join the Information Technology team as a Sr. Cybersecurity Analyst at the Lake Zurich, Illinois location (hybrid). This position will serve as the subject matter expert on all cybersecurity matters, technical and otherwise, involving the security and protection of information systems, data, and the organization's assets. The role includes engaging in cybersecurity control and process improvement activities, being a key member of the cybersecurity incident response team, driving and assisting in cybersecurity projects, performing cybersecurity operations responsibilities, third-party reviews, and other related activities. In this role, you will maintain up-to-date detailed knowledge of the cybersecurity industry, including awareness of security solutions, improved security processes, and the development of new attacks and threat vectors. You will build and maintain effective relationships with peers and internal business partners, lead and assist in creating effective controls to address security gaps and remediation efforts, and perform daily cadences, which include monitoring and reviewing cybersecurity systems, investigating events and incidents. You will also recommend additional security solutions or enhancements for existing IT solutions to improve overall enterprise security, assist in implementing the cybersecurity roadmap, and enhance maturity. Your responsibilities will include performing maturity and organizational annual risk assessments, driving the Threat Vulnerability process to identify threats and exploits, and making recommendations to mitigate vulnerabilities. You will partner with global teams to drive remediation of exploits and vulnerabilities that meet SLA requirements, drive and configure annual phishing and social engineering campaigns, and participate in the planning and design of enterprise security strategy, processes, and procedures. Additionally, you will lead incident response activities, including incident discovery, investigation, containment, remediation, recovery, and closure. You will perform root cause analysis and create reports based on outcomes of incident investigations, provide project support for both IT and business initiatives to ensure security controls are built in from the beginning of the project, and analyze system performance for potential security problems. You are expected to stay up to date on the latest cybersecurity intelligence, including hacking methodologies and the kill chain, to anticipate security breaches and compromises. Ensuring control compliance with audit, regulatory, and legal requirements, such as PCI, GDPR, and Sarbanes-Oxley, will also be part of your responsibilities.