MWV and RockTenn have come together to form WestRock. WestRock makes consumer and corrugated packaging solutions that give our customers a winning edge in the global marketplace. We partner closely with customers on everything from beverage packs and pizza boxes to trigger sprayers and fragrance pumps to paperboard used for a wide variety of packaging and shipping containers. We consider ourselves to be part of their team – as we strive for continuous improvement together.
Every day, our 42,000 team members combine practical innovations and rigorous execution in about 275 operating and business facilities across North America, South America, Europe and Asia to deliver products and services that answer unique local needs. We expect to win as a company and lead the industry by achieving success together with our customers, employees and investors.
Norcross, GA/ Information Technology
The Information Security Analyst provides support for IT Operations and users at WestRock through proactive monitoring of security and network reports on hosts on the network and the overall network infrastructure. Respond to requests and tickets to troubleshoot and resolve information security issues. Work with users to remediate affected hosts, and with IT personnel to address other security issues. Document security issues and action taken, and prepare security management reports including organizational security metrics. This role will perform work per established operating policies and procedures. Maintain and improve upon documentation, provide support, notification and follow-through to business areas, internal customers and management.
Information Security Support
- Monitor information security systems that report on network health, host and configuration health.
- Monitor and act on security systems reporting on host anti-virus health, and security incidents.
- Monitory and report on system patching status, including operating systems, and third-party applications.
- Monitor and act on logs reporting access and potential inappropriate network or information access.
- Perform regular network scanning – both internal and external.
- Support information security Monitoring and Reporting systems.
- Develop and prepare Monthly Information Security Metrics reports.
What you need to succeed:
Applies Information Security Knowledge
Maintains and applies specific knowledge of information security elements (hardware, software, network) and their application to business functions/processes.
- Demonstrates an understanding of the basic need for information security in a business; demonstrates awareness of the primary uses of technology by business representatives, demonstrates a basic understanding of the systems of the enterprise.
- Demonstrates an understanding of the strategy, structures, processes and procedures of the enterprise in its relationship with the business and its activities; identifies business representatives affected by information systems with some assistance.
- Demonstrates knowledge of the strategy, structures, processes, procedures and key technical elements of the enterprise; exhibits knowledge of the primary business representatives of the enterprise and the technical elements supporting them; describes the business delivery impact of system reliability.
- Shares information about the strategy, structures, processes, procedures and key technical elements of the enterprise; translates knowledge of the interrelationships between technical elements into security strategies; applies enterprise perspective and impact into business and business representative issues; plays a key role in the development and implementation of information security best practices.
Plans and completes work with thoroughness, giving attention to specific information and individual details, conditions, necessary record keeping, and elements of that work.
- Learns subjects thoroughly and in detail; supplies appropriate details when responding to questions; maintains organized files.
- Distinguishes between “big picture” comments and specialized, smaller facts associated with work; notes the specifics of events and experiences with assistance (specifics include who, what, where, when, why, and how); explains, in general, how details impact end goals or outcomes; works with others to ensure that work is completed accurately and with the appropriate level of detail.
- Completes work with thoroughness; maintains records and information in an organized manner.
- Recalls specific, accurate information about events or conversations; maintains detailed documentation and records information in appropriate repositories, e.g., ticketing system; maintains documentation that support the completion of work and retention of details / decisions; advises others in techniques to manage details and accurate records.
Applies Technology Knowledge
Applies knowledge of technology industry, trends, information security, and best practices to WestRock.
- Demonstrates a general understanding of information security and technologies used by the company; describes basic security technological concepts and terminology; applies this understanding in daily work.
- Recognizes the basic impact of technology on RockTenn business, services, and processes; works with others to identify technological barriers to achieving desired objectives; maintains appropriate breadth and depth of technological and security knowledge for current work assignment.
- Leverages technological knowledge to achieve business objectives, such as to solve problems, develop new ideas, or build the business; resolves technological issues impeding work; adapts technological information, facts, or data to varying situations or groups; recommends changes to security approach based upon knowledge of business, trends and best practices.
Applies Policy and Procedure Knowledge
Applies knowledge of WestRock policies, principles, and procedures that are relevant to a business area.
- Demonstrates a general understanding of company policies and procedures in a business area that affect employees on a day-to-day basis, specifically Enterprise Security Policies.
- Demonstrates an in-depth understanding of company policies and procedures in a business area that apply in routine and specialized/limited situations and how policies impact business results; identifies potential problems with applying specific security policies in particular environments.
- Assist in the preparation of Security Policy Exception requests and their submittal for approval consideration.
- Demonstrates a thorough understanding of most routine and some complex policies and procedures in the relevant business area; applies company policies and procedures in standard situations and correctly handles non-compliance issues. May provide input into policy/procedure development or modifications.
Presents ideas clearly both verbally and in writing so that others can understand. Listens attentively to others and tailor’s communications based on the audience. Presents a professional image when communicating with others.
- Organizes and presents his or her perspective in a logical manner; expresses ideas clearly; demonstrates proper grammar and word use in verbal and written communication; listens to others’ concerns or questions; presents ideas in routine or non-complex situations with confidence using decisive language, tone, and demeanor; adheres to professional appearance standards.
- Selects the most appropriate method to deliver communication; produces concise, well structured, and organized written and oral communication messages; tailors communication to different audiences so that the messages are understood; listens to and then summarizes others’ concerns to convey understanding; maintains poise and confidence when responding to more difficult communication situations.
- Clearly communicates differing viewpoints on complex conceptual issues in both verbal discussions and written documents; identifies and summarizes main points from an ambiguous communication; takes action to determine whether others understand; communicates in a way that generates excitement for topics, creates support for new ideas, and builds professional credibility with key organizational contacts through communications and professional presence.
- Influences and motivates multiple, diverse stakeholders through effective writing and speaking; presents complex ideas to others in a way that demonstrates understanding of their needs or concerns and motivates high level management to support initiatives; carefully monitors communications to maintain professionalism while establishing important relationships; provides advice to others on communication strategies or develops new communication strategies and approaches.
Responds to requests, problems, crises, and critical situations to discover the causes, document what was found, and identify responses or next steps.
- Identifies incidents; works with others to list requirements for initiating an investigation of various types of incidents; describes, generally, the procedures followed for investigating incidents.
- Applies established procedures for responding to routine incidents by type; collects and records information pertinent to incidents with some oversight; communicates resolutions or results to stakeholders with some guidance.
- Independently, analyzes information on typical types of incidents to determine causes and document findings; identifies patterns or links among or between incidents; directs next steps required by type of incident; recommends new approaches to incident investigation and response.
What you will need to succeed
Education and Experience
Bachelor’s Degree (B.A.) in Computer Science, Information Security or equivalent discipline – Preferred
Certifications in Security (Security+, SANS, ISC2, ISACA), Network (Cisco) – Preferred
Certifications in Operating Systems (Microsoft), Network Scanning (Nessus) – Preferred
If this sounds great to you and you think you fit in, please submit your application. We want to hear from you!
WestRock Company is an Equal Opportunity Employer committed to creating and maintaining a diverse workforce: Minorities/Females/ Disabled/Veterans.
For Immediate Placement - Andrew Raynor Dover New Hampshire