Senior Cybersecurity Analyst
Nextech

Overview

Join the best in the industry at Nextech and embark on a rewarding career journey! For over 30 years, we've built our success on a foundation of Quality, Value, and Integrity, fostering enduring partnerships with thousands of satisfied customers. With over 2,000 team members nationwide, Nextech sets itself apart from other companies by being America's largest HVAC/R service provider.

As we continue to grow, we're committed to offering an exceptional work experience for our employees with numerous opportunities for development and advancement. If you pride yourself on quality work, integrity, and dedication, we want you on our team. Nextech boasts outstanding review ratings on Indeed and Glassdoor, making it the premier destination for HVAC professionals. Elevate your career by joining Nextech today!

Role:

The Senior Cybersecurity Analyst will participate strategically and tactically in the overall planning, organizing, and execution of all Information Technology Security functions for Nextech. This hands-on position requires a flexible, well-rounded individual, who is comfortable operating within an IT Cybersecurity team as they build and implement Nextech's Cybersecurity strategy.

Nextech is seeking a strong technical Analyst with the ability to execute as well as grow and advance our Cybersecurity program. This is a unique opportunity to continue to build on a solid foundation, shape your future, and help build a high performing Security Program with the opportunity to grow your career.

Benefits:

• Paid Training & Ongoing Development - Invest in your career with fully paid initial and continuous training.
• Top-Tier Health Insurance - Choose from excellent options, including a FREE employee-only plan.
• Dental & Vision Coverage - Prioritize your overall health with added benefits.
• Supplemental Insurance Options - Access Accident, Critical Illness, Disability, and Supplemental Life coverage.
• FREE Life Insurance - Coverage equal to your annualized pay at no cost to you.
• 401(k) Retirement Plan - Secure your future with a 50% match on the first 6% of your contributions.
• Generous Time Off - Recharge with 7 paid holidays, and Paid Time Off (PTO).

Min CompensationUSD $82,000.00/Yr. Max CompensationUSD $112,000.00/Yr. Responsibilities

• Participates in the continued development of Nextech's security program, strategies, roadmaps and standardization following industry best practices
• Provides system security subject matter expertise input and recommendations to IT & Development teams
• Security compliance & vulnerability scanning/remediation across multiple platforms and networks
• Manages security efforts, including but not limited to access control, monitoring configuration, security patch testing, configuration management and incident response
• Translates cyber-threat intelligence into actionable mitigation plans
• Partners with IT support groups & DevOps Teams to remediate security vulnerabilities, establish best practices, and build sustainable Cybersecurity programs
• Conducts research and makes recommendations on products, services, and standards in support of all global infrastructure security efforts
• Develops and maintains appropriate response playbooks, facilitates routine exercises, and ensures a sound communication process for all cyber events
• Works directly with Managed Detect and Response (MDR) vendor to ensure timely alerting, remediation/incident response, and Root Cause | Corrective Actions
• Completes assigned tasks in a safe, accurate, thorough, and alert manner
• Upholds Company policies and procedures
• Works in a professional manner with managers, supervisors, coworkers, customers, and the public
• Other related job duties as assigned

Qualifications

• Participates in the continued development of Nextech's security program, strategies, roadmaps and standardization following industry best practices
• Provides system security subject matter expertise input and recommendations to IT & Development teams
• Security compliance & vulnerability scanning/remediation across multiple platforms and networks
• Manages security efforts, including but not limited to access control, monitoring configuration, security patch testing, configuration management and incident response
• Translates cyber-threat intelligence into actionable mitigation plans
• Partners with IT support groups & DevOps Teams to remediate security vulnerabilities, establish best practices, and build sustainable Cybersecurity programs
• Conducts research and makes recommendations on products, services, and standards in support of all global infrastructure security efforts
• Develops and maintains appropriate response playbooks, facilitates routine exercises, and ensures a sound communication process for all cyber events
• Works directly with Managed Detect and Response (MDR) vendor to ensure timely alerting, remediation/incident response, and Root Cause | Corrective Actions
• Completes assigned tasks in a safe, accurate, thorough, and alert manner
• Upholds Company policies and procedures
• Works in a professional manner with managers, supervisors, coworkers, customers, and the public
• Other related job duties as assigned

Required Knowledge, Skills, and Abilities:

• Advanced knowledge of internetworking and Windows client/server security concepts, best practices, and procedures
• Broad understanding of all aspects of IT and enterprise systems interoperability
• Ability to communicate technical topics (verbal and written) to multiple organizational levels
• Ability to perform Pre-Audit cybersecurity tasks
• Demonstrated personnel/project management skills
• Able to conduct research into issues and products as required
• Ability to prioritize and execute tasks in a fast-paced environment and make sound decisions in emergency situations
• Highly self-motivated and directed
• Proven analytical and problem-solving abilities
• Strong customer service orientation
• Ability to work globally in a team-oriented environment
• Excellent interpersonal written and oral communication skills
• Proficient in Microsoft Office including advanced skills in Excel (Pivot tables, Vlookup, Macros, If Statements, Formulas)
• Ability to coordinate, contribute to and work within a cross-functional team
• Ability to thrive in a dynamic and fast-paced environment
• Able to prioritize duties and manage multiple projects from start to finish with minimal supervision
• Must possess the ability to take initiative to complete assignments and job responsibilities with minimal supervision
• Exceptional attention to detail and excellent organizational skills

Education and Experience:

• BS/BA degree from a four-year accredited university or college in Information Security, IT Engineering, or Computer Science and/or Eight (8) years relevant work experience
• CISSP, SANS, GIAC, CISM, CISA are preferred
• Experience with IPS/IDS, IaaS/SaaS environments
• 5+ cumulative years' experience in the following:
  • Security Risk Analysis / Threat and Risk Analysis
  • Security Information Event Management Systems
  • Security Incident Response
  • Project Management
  • Vulnerability Management
  • Systems/Requirements Engineering
  • Security Concepts
• Previous experience in HVAC Industry or other service business preferred
• Solid "hands on" technical experience is essential

Physical requirements:

• Continuously able to work in office environment
• Continuously able to operate a computer and other office productivity machinery, such as a copy machine, telephone, and computer printer
• Continuously able to sit at a computer for up to 8 hours
• Able to alternate between sitting and standing, as needed throughout the day
• Occasionally able to lift up to 15
• Continuously requires vision, hearing, twisting, and talking
• Occasionally requires walking, lifting, carrying, reaching, kneeling, pushing/pulling, bending, and crouching
• Rarely requires climbing

Other requirements:

• May be required to use personal smartphone with a camera capable of reading a QR code for 2 factor authentication

---