Senior Incident Investigator - Cyber Security in Pittsburgh, PA at Arconic

Date Posted: 10/30/2019

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    201 Isabella Street
    Pittsburgh, PA
  • Job Type:
  • Experience:
    At least 1 year(s)
  • Date Posted:
    10/30/2019

Job Description

Arconic (NYSE: ARNC) creates breakthrough products that shape industries. Working in close partnership with our customers, we solve complex engineering challenges to transform the way we fly, drive, build and power. Through the ingenuity of our people and cutting-edge advanced manufacturing techniques, we deliver these products at a quality and efficiency that ensure customer success and shareholder value.

In the first half of 2020 Arconic will separate into two stand-alone industry-leading public companies.  Each will have significant global reach.  To learn more about this exciting transformation, visit our website.
 
Arconic is currently in search of a Senior Incident Investigator, Cyber Security to join the Global Information Systems group in Pittsburgh, PA.


Arconic (NYSE: ARNC) creates breakthrough products that shape industries. Working in close partnership with our customers, we solve complex engineering challenges to transform the way we fly, drive, build and power. Through the ingenuity of our people and cutting-edge advanced manufacturing techniques, we deliver these products at a quality and efficiency that ensure customer success and shareholder value.
 
This position has global (domestic and international) accountabilities for all location operating units as well as GIS worldwide.  Primary purpose is to provide specialist-level support for the company's cyber security initiatives, projects, and ongoing activities.
 
 Major Activities/Key Challenges
 
Support development of a cyber security architecture plan for the company, including:
  • Ensure compliance with Arconic's Global Information Systems cyber architecture and processes and all supporting tools, technology, and organizational components
  • Support daily and emergency help chain to business and resource units on the execution of the company’s cyber security requirements.
  • Supports site assessments and threat analyses for Arconic corporate and locations.
  • ​Assists in knowledge transfer across location and regions
  • Supports maintenance of ongoing contacts and linkages with outside parties for the purpose of bench-marking cyber architecture, regularly testing both the principles and overarching designs.
Under the general direction of the company's Chief Information Security Officer, supports change and transformation from the company’s current cyber security program to more secure states.
  • Standards and governance for data and asset protection
  • State-of-security awareness that is measured, tracked, analyzed, and reported
  • Awareness, communication, and education for Arconic locations and employees
  • Supports the development of a formal cyber security risk assessment program.
  • Supports and assists in maintaining a vulnerability/gap/response assessment program.
  • Supports the ongoing maintenance of the cyber Kill Chain for the company, focusing on phases of cyber-attack and remediation/mitigation for each phase.
  • Supports development and maintenance of cyber security architecture of the company, including IT and Business/Process Control networks.
  • Supports the deployment of the cyber security architecture for infrastructure and applications worldwide.
  • Supports the ongoing development of the cyber security architecture to ensure that the architecture consistently addresses current and emerging cyber threat.
  • Supports the development and ongoing enforcement of standards for application security, both for development and production systems.
  • Supports the development and ongoing maintenance of standards for third party and supply chain cyber security and health.
  • Participates in benchmarks with like companies and other entities to test the cyber architecture.
  • Supports the daily incident identification, assessment, and response for the company's Security Information and Event Management System (SIEM).
  • Supports ongoing initiatives to develop, collect, and analyze integrated logs for the SIEM to assist in forensic analysis and cyber event response.
  • Supports ongoing activities to develop, communicate, and support appropriate standards and risk controls associated with digital data.
  • Supports the development and maintenance of a company Data Protection program.
SKILLS
 
​Demonstrated experience in and exposure to cyber security risk and mitigation strategies, technologies, programs, and operations.
  • Self-driven with an acute sense of urgency. 
  • Ability to create and think through complex technical problems and identify and resolve gaps / risk.
  • Organizational skills and discipline to build and maintain structured plans.
  • Ability to objectively view and assess cyber security alternatives.
  • Interpersonal skills to manage often difficult or highly technical conditions.
  • Results driven and accountable for actions.
  • Approachable - easy to talk to, puts others at ease.
  • Works equally well whether independently or as part of a physical or virtual, global team
  • Able to forge strong, trusting collaborative relationships
  • Sound investigation skills.
  • Ability to work with data of highest sensitivity in complete confidence
  • Experience valuing a diverse workforce and inclusive work environment.
  • Views safety as a way of life.
 
#LI-KV1


Qualifications

Basic Qualifications:
  • Associates’ degree from an accredited institution.
  • Minimum of 1 year experience in IT Cyber Security
  • Employees must be legally authorized to work in the United States.  Verification of employment eligibility will be required at the time of Hire.  Visa sponsorship is not available for this position. 
Preferred Qualifications:
  • Bachelors’ degree in Computer Science/IT/IS, Business, Math, Finance, Engineering, Economics or Accounting from an accredited institution
  • 2 years’ experience in IT Cyber Security
  • Demonstrated experience in and exposure to cyber security risk and mitigation strategies, technologies, programs, and operations.
  • Self-driven with an acute sense of urgency. 
  • Ability to create and think through complex technical problems and identify and resolve gaps / risk.
  • Organizational skills and discipline to build and maintain structured plans.
  • Ability to objectively view and assess cyber security alternatives.
  • Interpersonal skills to manage often difficult or highly technical conditions.
  • Results driven and accountable for actions.
  • Approachable - easy to talk to, puts others at ease.
  • Works equally well whether independently or as part of a physical or virtual, global team
  • Able to forge strong, trusting collaborative relationships.
  • Sound investigation skills.
  • Ability to work with data of highest sensitivity in complete confidence.
  • Experience valuing a diverse workforce and inclusive work environment.
  • Views safety as a way of life.