Join the best in the industry at Nextech and embark on a rewarding career journey! For over 30 years, we've built our success on a foundation of Quality, Value, and Integrity, fostering enduring partnerships with thousands of satisfied customers. With over 2,000 team members nationwide, Nextech sets itself apart from other companies by being America's largest HVAC/R service provider.
As we continue to grow, we're committed to offering an exceptional work experience for our employees with numerous opportunities for development and advancement. If you pride yourself on quality work, integrity, and dedication, we want you on our team. Nextech boasts outstanding review ratings on Indeed and Glassdoor, making it the premier destination for HVAC professionals. Elevate your career by joining Nextech today!
Role:
The Senior Cybersecurity Analyst will participate strategically and tactically in the overall planning, organizing, and execution of all Information Technology Security functions for Nextech. This hands-on position requires a flexible, well-rounded individual, who is comfortable operating within an IT Cybersecurity team as they build and implement Nextech's Cybersecurity strategy.
Nextech is seeking a strong technical Analyst with the ability to execute as well as grow and advance our Cybersecurity program. This is a unique opportunity to continue to build on a solid foundation, shape your future, and help build a high performing Security Program with the opportunity to grow your career.
Benefits:
Paid Training & Ongoing Development - Invest in your career with fully paid initial and continuous training.
Top-Tier Health Insurance - Choose from excellent options, including a FREE employee-only plan.
Dental & Vision Coverage - Prioritize your overall health with added benefits.
Supplemental Insurance Options - Access Accident, Critical Illness, Disability, and Supplemental Life coverage.
FREE Life Insurance - Coverage equal to your annualized pay at no cost to you.
401(k) Retirement Plan - Secure your future with a 50% match on the first 6% of your contributions.
Generous Time Off - Recharge with 7 paid holidays, and Paid Time Off (PTO).
Min CompensationUSD $82,000.00/Yr. Max CompensationUSD $112,000.00/Yr. Responsibilities
Participates in the continued development of Nextech's security program, strategies, roadmaps and standardization following industry best practices
Provides system security subject matter expertise input and recommendations to IT & Development teams
Security compliance & vulnerability scanning/remediation across multiple platforms and networks
Manages security efforts, including but not limited to access control, monitoring configuration, security patch testing, configuration management and incident response
Translates cyber-threat intelligence into actionable mitigation plans
Partners with IT support groups & DevOps Teams to remediate security vulnerabilities, establish best practices, and build sustainable Cybersecurity programs
Conducts research and makes recommendations on products, services, and standards in support of all global infrastructure security efforts
Develops and maintains appropriate response playbooks, facilitates routine exercises, and ensures a sound communication process for all cyber events
Works directly with Managed Detect and Response (MDR) vendor to ensure timely alerting, remediation/incident response, and Root Cause | Corrective Actions
Completes assigned tasks in a safe, accurate, thorough, and alert manner
Upholds Company policies and procedures
Works in a professional manner with managers, supervisors, coworkers, customers, and the public
Other related job duties as assigned
Qualifications
Participates in the continued development of Nextech's security program, strategies, roadmaps and standardization following industry best practices
Provides system security subject matter expertise input and recommendations to IT & Development teams
Security compliance & vulnerability scanning/remediation across multiple platforms and networks
Manages security efforts, including but not limited to access control, monitoring configuration, security patch testing, configuration management and incident response
Translates cyber-threat intelligence into actionable mitigation plans
Partners with IT support groups & DevOps Teams to remediate security vulnerabilities, establish best practices, and build sustainable Cybersecurity programs
Conducts research and makes recommendations on products, services, and standards in support of all global infrastructure security efforts
Develops and maintains appropriate response playbooks, facilitates routine exercises, and ensures a sound communication process for all cyber events
Works directly with Managed Detect and Response (MDR) vendor to ensure timely alerting, remediation/incident response, and Root Cause | Corrective Actions
Completes assigned tasks in a safe, accurate, thorough, and alert manner
Upholds Company policies and procedures
Works in a professional manner with managers, supervisors, coworkers, customers, and the public
Other related job duties as assigned
Required Knowledge, Skills, and Abilities:
Advanced knowledge of internetworking and Windows client/server security concepts, best practices, and procedures
Broad understanding of all aspects of IT and enterprise systems interoperability
Ability to communicate technical topics (verbal and written) to multiple organizational levels
Ability to perform Pre-Audit cybersecurity tasks
Demonstrated personnel/project management skills
Able to conduct research into issues and products as required
Ability to prioritize and execute tasks in a fast-paced environment and make sound decisions in emergency situations
Highly self-motivated and directed
Proven analytical and problem-solving abilities
Strong customer service orientation
Ability to work globally in a team-oriented environment
Excellent interpersonal written and oral communication skills
Proficient in Microsoft Office including advanced skills in Excel (Pivot tables, Vlookup, Macros, If Statements, Formulas)
Ability to coordinate, contribute to and work within a cross-functional team
Ability to thrive in a dynamic and fast-paced environment
Able to prioritize duties and manage multiple projects from start to finish with minimal supervision
Must possess the ability to take initiative to complete assignments and job responsibilities with minimal supervision
Exceptional attention to detail and excellent organizational skills
Education and Experience:
BS/BA degree from a four-year accredited university or college in Information Security, IT Engineering, or Computer Science and/or Eight (8) years relevant work experience
CISSP, SANS, GIAC, CISM, CISA are preferred
Experience with IPS/IDS, IaaS/SaaS environments
5+ cumulative years' experience in the following:
Security Risk Analysis / Threat and Risk Analysis
Security Information Event Management Systems
Security Incident Response
Project Management
Vulnerability Management
Systems/Requirements Engineering
Security Concepts
Previous experience in HVAC Industry or other service business preferred
Solid "hands on" technical experience is essential
Physical requirements:
Continuously able to work in office environment
Continuously able to operate a computer and other office productivity machinery, such as a copy machine, telephone, and computer printer
Continuously able to sit at a computer for up to 8 hours
Able to alternate between sitting and standing, as needed throughout the day
Occasionally able to lift up to 15
Continuously requires vision, hearing, twisting, and talking
