Cybersecurity Analyst

Colonial Group, Inc. is a multigenerational, family-owned parent company overseeing a diverse portfolio of subsidiaries. Through our strategic infrastructure, logistics expertise, and a broad range of products and services, we create significant value for our customers while driving innovation and operational excellence.

The Cybersecurity Analyst will be responsible for protecting the organization’s IT infrastructure, applications, and data from cyber threats. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and supporting compliance efforts across multiple business units. The ideal candidate is proactive, detail-oriented, and capable of collaborating with cross-functional teams to ensure a robust security posture.

JOB EXPECTATIONS/DUTIES

- Threat Monitoring and Incident Response:

- Monitor security alerts using SIEM tools (e.g., Splunk, Microsoft Sentinel) to detect and respond to potential threats.

- Investigate and mitigate security incidents, including malware, phishing, and unauthorized access attempts.

- Perform root cause analysis and document findings to prevent recurrence.

- Network and System Security:

- Evaluate vulnerability scans and coordinate remediation efforts with IT teams.

- Analyze network traffic for anomalies, including reconnaissance attempts.

- Implement and maintain security controls, such as firewalls, IDS/IPS, and endpoint protection solutions.

- Monitor email security systems and perform actions to both aid in ML and support end-user operations.

- Compliance and Policy Enforcement:

- Support compliance with regulations and standards (e.g., PCI, GDPR, NIST, USCG MTSA, etc.) across business units.

- Assist in developing and enforcing security policies, procedures, and best practices.

- Conduct risk assessments and audits to identify and address security gaps.

- Threat Intelligence and Research:

- Stay informed on emerging threats, vulnerabilities, and attack techniques relevant to the organization’s industry.

- Analyze threat intelligence feeds and apply findings to enhance security measures.

- Collaboration and Training:

- Work with business units to ensure secure configurations for applications and systems.

- Provide security awareness training to employees and promote a culture of cybersecurity.

- Collaborate with IT, OT, HR, legal, and compliance resources to align security initiatives with business objectives.

- Documentation and Reporting:

- Develop documentation related to security operations to include control objectives, process, procedure, policy, standards and guidelines.

- Maintain detailed records of security incidents, investigations, and remediation actions.

- Prepare reports for leadership on security metrics, incidents, and compliance status.

Special assignments or tasks assigned to the employee by their superior, as determined from time to time in their sole and complete discretion.

QUALIFICATIONS/REQUIREMENTS

- Minimum of 5 years of job-related experience are required.

- Bachelor’s Degree in Computer Science or related discipline, or an equivalent combination of education and job-related experience (four years) is required.

- Proficiency with SIEM tools (e.g., Splunk, Microsoft Sentinel), firewalls, email security systems, and endpoint security platforms.

- Experience with vulnerability management tools (e.g., Nessus, Qualys) and network analysis tools (e.g., Wireshark).

- Familiarity with cloud security (e.g., AWS, Azure) and securing hybrid IT environments.

- Basic scripting knowledge (e.g., Python, PowerShell) for automation is a plus.

- Strong analytical and problem-solving skills to investigate complex security incidents.

- Excellent communication skills to collaborate with technical and non-technical stakeholders.

- Ability to work independently and manage multiple priorities in a fast-paced environment.

- Understanding of enterprise environments with multiple business units and diverse IT systems.

- Knowledge of common attack vectors (e.g., ransomware, phishing, DDoS) and mitigation strategies.

- Willingness to participate in on-call rotation for incident response.

- Experience supporting organizations with 500+ employees preferred.

- Familiarity with compliance frameworks specific to the industry (PCI DSS, NIST 800-53, GDPR) preferred.

- Hands-on experience with threat hunting and forensic analysis preferred.

- May lead employees or third parties in addition to temporary staff assigned during special project efforts.

Office based with travel up to 30% of time by land or air is required. From time to time, required to work long hours, which may include nights, weekends, holidays for regularly scheduled maintenance and emergency work and support as well as on-call availability. At times, required to work in refinery/industrial environment, including but not limited to, work near moving mechanical parts and/or rotating equipment, loud noise or vibrations and varying road conditions. At times, may be exposed to risk of electrical shock.

Physical Requirements:

Job conditions require standing, walking, sitting, twisting, stooping, crouching, kneeling, lifting or carryings, pushing or pulling up to 50 lbs., climbing up to 15ft, working in confined spaces, talking or hearing, making visual inspections, making precise hand and finger movements, reaching or grasping; perceiving color differences; ability to wear personal protective equipment.

Eligibility Requirements: Hiring is contingent upon eligibility to work in the United States.

Colonial Group, Inc. is committed to creating an environment that values and supports diversity and inclusiveness across our organizations. We encourage applications from qualified individuals who will help us achieve this mission. Colonial Group, Inc. prohibits discrimination of and will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.