
[The logo is protected from the company]
Cliffs Natural Resources Inc.
Cliffs Natural Resources Inc. (NYSE: CLF) (Paris: CLF) is an international mining and natural resources company. * The largest producer of iron ore pellets in North America. * A major supplier of direct-shipping lump and fines iron ore out of Australia. * A significant producer of high and low volatile metallurgical coal. Driven by the core values of social, environmental and capital stewardship, Cliffs associates across the globe endeavor to provide all stakeholders operating and fi... Read More
Address | 200 Public Sq # 3300, Cleveland, OH |
Website | www.cliffsnaturalresources.com |
Holding | No Holding Details |
View Company Page
IT Vulnerability Management Sr Analyst
Description
This vulnerability management analyst evaluates and monitors information security related configurations, processes and controls across the company. This role researches, recommends and implements changes to enhance information systems security and monitoring capabilities. The incumbent will interface with low level technical resources as well as senior management and mine site resources.
This role leads small to large initiatives to enhance the security of the organization which is composed of over 1000 network devices supporting 5,000+ end users. This role will provide support to projects and work with project teams across many different technical disciplines and geographic locations.
This role will also identify and investigate anomalies and produces status reports and metrics reflecting the current state of security within the company. This may include performing forensic captures in accordance with defined procedures and chain of custody requirements.
This role will be responsible for tuning, monitoring and responding to a centralized Security Event Management system.
This role is the SME for Vulnerability Management and requires the individual to develop peers’ and junior staff members’ knowledge base. Specifically, this role will:
* Responsible for the security event management process including monitoring, logging, alerting, auditing and reporting on threats, vulnerabilities and breaches. Determine the appropriate thresholds and monitor the environment for anomalous behavior using SEMS, VMS and IPS/IDS
* Conducts reviews of security related device configurations (i.e. Firewall Rulesets, Router/Switch configurations etc…) to identify insecure or out of compliance configurations
* Reviews security configurations and functionality of intranets, servers, applications, databases, and other relevant parts of the company’s infrastructure
* Coordinates internal and external focused information security assessments to provide for an independent validation of the companies state of security. Track and communicate these assessment findings
* Identify and produce metrics and scorecards that represent the current state of information security related vulnerabilities and mitigating controls
* Acquires and maintains knowledge of current Cliffs Natural Resources standards, policies, procedures and audit requirements. Communicates with intra and inter-department team members as required, as well as members of Cliffs Natural Resources’ technical and project management teams
* Identifies and evaluates potential threats and vulnerabilities (either detected internally or publicly announced) that could impact the companies applications or infrastructure and recommends mitigating controls to reduce the companies risk
* Coordinates and executes pre-production vulnerability scanning (penetration testing) activities to identify weaknesses in applications prior to their turnover
* Provides technical advice, guidance and assistance for e-discovery requests and investigations related to information security events. Assists with the documentation of such events
* Maintain workable knowledge and understanding of information security, risk management and regulatory compliance topics. Maintains professional/technical currency of information security knowledge
* Perform additional duties as directed by the Director of Information Security and GRC
* Act as a back-up for other team members when required to do so
Education:
* Bachelor’s Degree in a related field required from an accredited 4 year College
* Certified Information Systems Security Professional (CISSP) designation or related designation preferred
Experience:
* Demonstrated experience working on projects, training, designing process solutions, and directly interacting with customers
* Ability to respond to emergency service calls at any time outside of normally assigned work hours
* Knowledge and understanding of current information security techniques and technologies as well as the methods used in performing risk analyses and assessments. Experience with conducting comprehensive threat and risk assessments of IT systems, applications, and networks
* Strong experience with vulnerability management toolsets, hacking toolsets and security event management systems
* Experience with conducting security assessments and using hacking tools in a controlled corporate environment
* Proven experience documenting systems configurations, processes and procedures
* Ability to communicate with and understand the needs of non-technical constituents, both internal and external
* Willingness to travel up to 10%, including international travel, and be flexible to work various hours to accommodate international business needs
* Familiarity with the following technologies: authentication, authorization, privilege management, access control, firewalls, virtual private networking, and computer network defense, firewall and router configuration, switches, secure network architecture, VPNs, PKI, TCP/IP, IPSEC, SSL, SSH, VPN, Ethernet, SMTP, FTP, WAN, Radius, F5, Cisco PIX, XML, HTML, SNORT, Sniffer technologies, Windows 2000/NT, Solaris, AIX, HP-UX, Qualys, Linux, Checkpoint, MS Exchange, Active Directory, LDAP
* 10+ years IT experience with several years of vulnerability management experienc preferred.
Other Job Information
Vacancy type: |
Full Time | Contact Mode: |
not provided |
Fax: |
216-694-4880 | Contact Name: |
not provided |
Job Duration: |
not provided | Phone: |
216-694-5700 |
Email: |
jessica.moran@cliffsnr.com |
TalentOne Job Information
Information Technology IT Systems Network Administrator
Open Jobs - Cliffs Natural Resources Inc.
- Administrative Assistant
- Administrative Assistant North American Exploratio
- Business Improvement Manager
- Chemical\Metallurgical Engineer May 2013
- Chemical\Metallurgical Engineering Internship Summ
- Civil Engineer May 2013
- Civil Engineering Internship Summer 2013
- Electrical Engineer May 2013
- Electrical Engineering Internship Summer 2013
- Electrical Supervisor
- Electrical\Instrumental Maintenance Technician
- FerroChrome Production Facility
- Geological Engineering Internship Summer 2013
- HR Business Partner
- Industrial Electrician
- IT Audit Manager
- IT Risk & Compliance Sr Analyst
- IT Vulnerability Management Sr Analyst
- IT Vulnerability Management Sr Analyst
- Maintenance Technician
- Manager Ferroalloys Finance
- Manager Inventory Control
- Mechanical Engineer May 2013
- Mechanical Engineering Internship Summer 2013
- Metallurgical Engineer
- Mine Maintenance Technician
- Mine Operations Supervisor
- Mine Operations Technician
- Mine Site & Processing Facility
- Mine Surveyor\Technician
- Mining Engineer
- Mining Engineer May 2013
- Mining Engineering Internship Summer 2013
- Mobile Equipment Maintenance Supervisor
- Mobile Equipment Maintenance Supervisor
- Operations Training Coordinator
- Plant Operations and Maintenance Technician
- Plant Operations Technician
- Process Engineer
- Project Geologist
- Project Manager Mine Expansion
- Reliability Engineer
- Reliability Engineer Electrical
- Section Manager Mine Engineering
- Section manager Railway operations
- Senior Mine Geologist
- Senior Supervisor Payroll
- Senior Tax Analyst
- Staff Accountant
- Weldor
News - Cliffs Natural Resources Inc.
Related Jobs

Senior Business Applications Administrator
QUALCOMM's Government Technologies (QGOV) division devel ... [more]