Veolia Group aims to be the benchmark company for ecological transformation. With nearly 220,000 employees worldwide, the Group designs and provides game-changing solutions that are both useful and practical for water, waste and energy management. Through its three complementary business activities, Veolia helps to develop access to resources, preserve available resources and replenish them. In 2021, the Veolia group provided 79 million inhabitants with drinking water and 61 million with sanitation, produced nearly 48 million megawatt hours and recovered 48 million tonnes of waste. Veolia Environnement (Paris Euronext: VIE) achieved consolidated revenue of 28,508 billion euros in 2021. www.veolia.com
The Cybersecurity Analyst is responsible for performing vulnerability management to improve the company's IT security posture. The analyst is also responsible for maintaining and using the vulnerability management tools as well as providing reports to the target owners with a detailed remediation process. The analyst is also responsible for handling any tickets that are assigned to them as well as mitigating/remediating any incidents that have occurred in a timely manner.
PRIMARY DUTIES / RESPONSIBILITIES
- Administer IT Security systems including End Point Detection & Response, Data Loss Prevention, Intrusion Detection and SIEM.
- Serve as an escalation point for security related tickets from the service desk.
- Enforce IT security standards and best practices as well as recommend security enhancements to systems, network, and cloud environments.
- Influence development of vulnerability management standards and security policies.
- Review vulnerability management processes, suggest applicable change controls and security exceptions.
- Provide weekly reporting of cybersecurity incidents and events.
- Perform vulnerability assessments against company assets.
- Maintain and use vulnerability management tools.
- Provide reports to target owners with remediation steps.
Education / Experience / Background
- Degrees are encouraged but not required
- CompTIA Network+ or equivalent
- CompTIA Security+ or equivalent
- CompTIA CySA+ or equivalent
- Broad understanding of Cybersecurity concepts.
- Understanding of Tactics, Techniques, and Procedures (TTPs) of modern adversaries.
- Familiarity with SIEM and EDR technologies.
- Familiarity with databases, network, virtualization, cloud computing, OT operations, concepts and design.
- Experience with configuring and operating an enterprise class anti-virus / anti-malware system including policy, scanning and remediation activities.
- Experience conducting and participating in cybersecurity related investigations and incidents.
- Experience evaluating application and IT infrastructure for risk and threat assessment.
- Experience with evaluating vulnerability and threat information to assess, measure and prioritize mitigations based on risk.
Knowledge / Skills / Abilities
- Strong communication skills, both written and verbal, to write and present findings to owners, to help them understand and mitigate.
- Researching and understanding vulnerability assessment findings.
- Creating and disseminating assessment results into clear, simple reports and dashboards.
- Networking knowledge ( addressing, hostnames, TCP/UDP service ports, etc.)
- Knowledge of applications and operating systems to understand vulnerability results.
- Knowledge of cybersecurity principles, best practices, and concepts.
- Knowledge of vulnerability management programs and patch management systems
A subsidiary of Veolia group, Veolia North America (VNA) offers a full spectrum of water, waste and energy management services, including water and wastewater treatment, commercial and hazardous waste collection and disposal, energy consulting and resource recovery. VNA helps commercial, industrial, healthcare, higher education and municipality customers throughout North America. Headquartered in Boston, Mass., Veolia North America has more than 10,000 employees working at more than 350 locations across the continent.