Cyber Security Analyst

Skills and Knowledge 

1. Communication verbal and non-verbal, English speaking, deductive reasoning, be able to translate business requirements into technical concepts
2. Understand China legal Regulations
3. Have Knowledge of ISO 27001
4. Documentation and policy development 
5. Process Enhancement 
6. Organized 
7. Nice to have: CISSP Certification 
8. ISACA Certifications such as CISM, CISA, CRISK etc
9. 1 to 3 years of experience in the cyber security area. 
10. Experience with manufacturing and global organizations 
11. Ability to work in global environment, flexibility in reaching out to global teams to get things done

Security Risk Management Support

1. Maintain timely communication with the global ServiceNow team and Cyber Team regarding unexpected security risks or demands, providing necessary local support as required.
2. Participate in incident response and risk management activities, effectively addressing emerging security needs.
3. Security alerts monitoring and events, and proactively help react to incidents related to China and APAC as needed
4. Collaborate with multiple business departments and assist them in conducting VSA audits for suppliers when introducing their IT systems. The main responsibilities include coordinating with suppliers to complete the VSA questionnaire, submitting IT system qualification documents, and working with the global cyberteam to prepare the review report based on the preliminary findings. Ensure that security assessments are completed within the specified time frame.
5. Work with project teams and cyber stakeholders to review and reduce vulnerabilities identified in Gitlab / ServiceNow for the projects
6. Identify and address security risks, ensuring all assigned tasks are completed within agreed timelines and aligned with established security policies and procedures.

Cybersecurity Training

1. Support APAC training for security awareness training, shop floor, and role-based training
2. Track training completion and help stakeholders if needed

Ensure Local Business Security Compliance

1. Ensure that local business requirements comply with corporate security standards by supporting the implementation of security regulations, device usage guidelines internal
2. Document-sharing policies and security policy baselines. Such as assisting in updating the IT policies in the employee handbook to align with global and local policies and regulations.
3. Assist in any audit involving Chinese law and regulations

Business-Cybersecurity Coordination Support

1. Ensure all special security requests are accurately documented and submitted to the global cybersecurity team.
2. Provide timely follow-up to ensure requests are processed efficiently.
3. Effectively communicate cybersecurity team decisions and guidance to the business to ensure alignment with security policies.

Cybersecurity Process Communication and Approval Support

1. Ensure cybersecurity processes are effectively communicated to local teams, providing support to help them complete security approvals accurately and on time.

Responsibilities

In this role, you will make an impact in the following ways:

• Responds to moderately complex computer security incidents according to the Information Security Policies and Industry Best Practices.
• Coordinate efforts to provide timely updates and recommendations to multiple business units during incident response.
• Contributes to a team of cybersecurity professionals working with threat data, writing reports, briefing event details to leadership, and coordinating remediation with personnel.
• Analyzes / participate in potential impact of new threats and exploits and communicates risks to Cyber Security Engineering.
• Monitors information security-related websites (e.g., SANS Internet Storm Center) and mailing lists (e.g., BugTraq) to stay up to date on current attacks and trends.
• Ensures technology employed by the Intrusion Analyst team complements operational processes.
• Performs in-depth analysis in support of moderately complex intrusion detection operations.
• Finds anomalous or malicious activity on Cummins networks using analytical methods and tools in an operational environment.
• Takes the initiative to understand and master new operating systems, security applications, and open-source tools.
• Performs root cause analysis and makes recommendations on changes for review by others.
• Collects intrusion artifacts (e.g., source code, malware, trojans) and uses discovered data to enable mitigation of potential incidents within the enterprise.
• Troubleshoots complex, cross-business issues within existing security and privacy protections.
• Performs root cause analysis and makes recommendations on changes.
• Analyzes identified malicious activity and determines appropriate course of action in response to identified and analyzed anomalous network activity.
• Performs event correlation using information gathered from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

To be successful in the role you will need the following 

College, University or equivalent degree in Cyber Security, Computer Science or Information Technolgy, or related subject, or relevant equivalent experience required, this position may require licensing for compliance with export controls or sanctions regulations.

Nice to have: CISSP Certification 

ISACA Certifications such as CISM, CISA, CRISK etc

1 to 3 years of experience in the cyber security area.