[The logo is protected from the company]

Cliffs Natural Resources Inc.

Cliffs Natural Resources Inc. (NYSE: CLF) (Paris: CLF) is an international mining and natural resources company.    * The largest producer of iron ore pellets in North America.    * A major supplier of direct-shipping lump and fines iron ore out of Australia.    * A significant producer of high and low volatile metallurgical coal. Driven by the core values of social, environmental and capital stewardship, Cliffs associates across the globe endeavor to provide all stakeholders operating and fi... Read More

Address      200 Public Sq # 3300, Cleveland, OH
Website      www.cliffsnaturalresources.com
Holding      No Holding Details

View Company Page
Apply to job

IT Vulnerability Management Sr Analyst


This vulnerability management analyst evaluates and monitors information security related configurations, processes and controls across the company. This role researches, recommends and implements changes to enhance information systems security and monitoring capabilities. The incumbent will interface with low level technical resources as well as senior management and mine site resources.

This role leads small to large initiatives to enhance the security of the organization which is composed of over 1000 network devices supporting 5,000+ end users. This role will provide support to projects and work with project teams across many different technical disciplines and geographic locations.

This role will also identify and investigate anomalies and produces status reports and metrics reflecting the current state of security within the company. This may include performing forensic captures in accordance with defined procedures and chain of custody requirements.

This role will be responsible for tuning, monitoring and responding to a centralized Security Event Management system.

This role is the SME for Vulnerability Management and requires the individual to develop peers’ and junior staff members’ knowledge base. Specifically, this role will:

    * Responsible for the security event management process including monitoring, logging, alerting, auditing and reporting on threats, vulnerabilities and breaches. Determine the appropriate thresholds and monitor the environment for anomalous behavior using SEMS, VMS and IPS/IDS
    * Conducts reviews of security related device configurations (i.e. Firewall Rulesets, Router/Switch configurations etc…) to identify insecure or out of compliance configurations
    * Reviews security configurations and functionality of intranets, servers, applications, databases, and other relevant parts of the company’s infrastructure
    * Coordinates internal and external focused information security assessments to provide for an independent validation of the companies state of security. Track and communicate these assessment findings
    * Identify and produce metrics and scorecards that represent the current state of information security related vulnerabilities and mitigating controls
    * Acquires and maintains knowledge of current Cliffs Natural Resources standards, policies, procedures and audit requirements. Communicates with intra and inter-department team members as required, as well as members of Cliffs Natural Resources’ technical and project management teams
    * Identifies and evaluates potential threats and vulnerabilities (either detected internally or publicly announced) that could impact the companies applications or infrastructure and recommends mitigating controls to reduce the companies risk
    * Coordinates and executes pre-production vulnerability scanning (penetration testing) activities to identify weaknesses in applications prior to their turnover
    * Provides technical advice, guidance and assistance for e-discovery requests and investigations related to information security events. Assists with the documentation of such events
    * Maintain workable knowledge and understanding of information security, risk management and regulatory compliance topics. Maintains professional/technical currency of information security knowledge
    * Perform additional duties as directed by the Director of Information Security and GRC
    * Act as a back-up for other team members when required to do so


    * Bachelor’s Degree in a related field required from an accredited 4 year College
    * Certified Information Systems Security Professional (CISSP) designation or related designation preferred


    * Demonstrated experience working on projects, training, designing process solutions, and directly interacting with customers
    * Ability to respond to emergency service calls at any time outside of normally assigned work hours
    * Knowledge and understanding of current information security techniques and technologies as well as the methods used in performing risk analyses and assessments. Experience with conducting comprehensive threat and risk assessments of IT systems, applications, and networks
    * Strong experience with vulnerability management toolsets, hacking toolsets and security event management systems
    * Experience with conducting security assessments and using hacking tools in a controlled corporate environment
    * Proven experience documenting systems configurations, processes and procedures
    * Ability to communicate with and understand the needs of non-technical constituents, both internal and external
    * Willingness to travel up to 10%, including international travel, and be flexible to work various hours to accommodate international business needs

    * Familiarity with the following technologies: authentication, authorization, privilege management, access control, firewalls, virtual private networking, and computer network defense, firewall and router configuration, switches, secure network architecture, VPNs, PKI, TCP/IP, IPSEC, SSL, SSH, VPN, Ethernet, SMTP, FTP, WAN, Radius, F5, Cisco PIX, XML, HTML, SNORT, Sniffer technologies, Windows 2000/NT, Solaris, AIX, HP-UX, Qualys, Linux, Checkpoint, MS Exchange, Active Directory, LDAP
    * 10+ years IT experience with several years of vulnerability management experienc preferred.

Other Job Information

Vacancy type:

Full Time

Contact Mode:

not provided



Contact Name:

not provided

Job Duration:

not provided





TalentOne Job Information

Information Technology IT Systems Network Administrator

Open Jobs - Cliffs Natural Resources Inc.

News - Cliffs Natural Resources Inc.

Related Jobs

Systems Administrator

Description • Responsibilities include:o Assist Support ...   [more]

Network Operator

This position requires that you work a 12 hour rotating ...   [more]

SAP System Supervisor

Job DescriptionNavarre Corporation connects strong brand ...   [more]

IT Stytems Administrator

DescriptionBASIC FUNCTIONS:  The role of the IT Systems ...   [more]

Network Analyst

DescriptionThe role of the Network Analyst includes but ...   [more]

Network Technician

DescriptionWe represent one of the most stable and faste ...   [more]

Applications Specialist

Responsibilities:·         Take an active role in the im ...   [more]

Senior Business Applications Administrator

QUALCOMM's Government Technologies (QGOV) division devel ...   [more]