MWV and RockTenn have come together to form WestRock. WestRock makes consumer and corrugated packaging solutions that give our customers a winning edge in the global marketplace. We partner closely with customers on everything from beverage packs and pizza boxes to trigger sprayers and fragrance pumps to paperboard used for a wide variety of packaging and shipping containers. We consider ourselves to be part of their team – as we strive for continuous improvement together.
Every day, our 42,000 team members combine practical innovations and rigorous execution in about 275 operating and business facilities across North America, South America, Europe and Asia to deliver products and services that answer unique local needs. We expect to win as a company and lead the industry by achieving success together with our customers, employees and investors.
Norcross, Georgia/Information Technology
Engineer, Information Security
The Information Security Engineer is responsible for developing and implementing information security solutions and trouble-shooting anomalies in Security monitoring systems and network and infrastructure systems that interface and provide information to the Security Monitoring systems.
They are also responsible for supporting numerous security technologies, including vulnerability scanning, multi-factor authentication systems, network and perimeter monitoring, and the systems related to Managed Security Services (log and event information, alerts, and connections of systems providing logs and alerts). Experience in additional technologies NAC, MDM, IAM, and Elevated Privileges Access Management is desired.
This position also provides assistance and instruction for Information Security Analysts in the operation of security tools and technologies, and in trouble shooting and remediating security vulnerabilities and issues.
How you will impact WestRock
Ensures Security Processes and Architecture support the security objectives of the company as well as compliance requirements
- Oversees implementation of policies to ensure resources are adequately protected with proper security measures
- Identifies areas where existing security architecture requires improvement and develops proposals, processes and implementation plans
- Provides technical expertise and guidance on the administration of security tools that control and monitor information security
- Develops and evolves all digital and process security as it relates to Compliance requirements
- Provides oversight to the Threat & Vulnerability Management Program
- Maintains current knowledge of the Threat environment and applicability to the company and its environment
- Ensures vulnerability assessments and penetration tests of the network and system environment are complete and accurate
- Participates in the remediation processes and actions meet agreed upon SLA’s, policies and compliance requirements
- Participates in the management of security in the application development SDLC process, including aiding in the configuration of application vulnerability testing
- Conduct periodic security meetings to drive resolution of information security issues
- Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary
Drives security and risk posture in addition to process improvement within IT Operations and Infrastructure
- Provides Security Support for Enterprise-Wide Application and Infrastructure-Related Projects
- Researches, recommends, and cost-justifies enterprise-wide security hardware and software systems that provide security functions
- Coordinates a centralized approach to regulatory compliance activities, within the framework established in the enterprise IT program
Serves as a Technical Resource for the Information Security Function
- Provides technical expertise to the resolution of information security issues
- Participates in infrastructure projects to develop specifications for complex network security/protection technologies for company information and network systems/applications
- Participates in the evaluation of vendor proposals, new and existing security designs, and emerging security technologies and systems
- Assists the Information Security team in the development and maintenance of a security awareness program
- Mentors others in the Security team on technical and professional issues
Performs other duties as assigned
What you will need to succeed:
Education and Experience
- BA or BS in Computer Science, Information Management, or related field, or equivalent experience
- Ten years or more of related work experience in Information Security and/or Information Technology
- Knowledge of Privacy/Security Regulations and Sarbanes-Oxley IT control standards
- Strong understanding of Information Security frameworks, processes, technologies, and practices, including NIST and ISO27xxx standards
- Information Security Certification(s) with demonstrated work experience preferred. Desired certifications include: CISSP, SANS, CCNA
- Must possess excellent written and verbal communication, organization, decision-making, advanced problem solving, and presentation/training skills; as well as initiative, adaptability, and customer focus.
- Must possess the ability to build positive team relationships with all levels of individuals at the facility/division, and corporate levels.
Physical Requirements/Working Conditions
Works in a professional office setting with a minimal amount of travel. Must read, write, and speak the English language. Must have normal (or correction to normal) sight, hearing, and manual dexterity. Physical demands include standing, sitting, and walking.
If this sounds great to you and you think you fit in, please submit your application. We want to hear from you!
WestRock Company is an Equal Opportunity Employer committed to creating and maintaining a diverse workforce: Minorities/Females/ Disabled/Veterans.
For Immediate Placement - Andrew Raynor Dover New Hampshire