Company Overview
Sims Metal (Sims) is a global leader in metal recycling. With facilities across the globe, Sims plays an intrinsic role in the circular economy by making resources available for future use. As responsible corporate citizens, we continuously seek new ways to broaden our participation in the environmental sector, ensuring that our future is as bright, safe, and secure as ever in our long history.
Summary
We are seeking a Cybersecurity Analyst to join our team at Sims Limited. In this role, you will be instrumental in safeguarding our IT infrastructure and ensuring the security of our operations across multiple global facilities. Your expertise will contribute to our mission of responsible resource management and environmental stewardship.
General Responsibilities
- Support onboarding/configuration of Disconnected and Connected applications to Saviynt
- Support risk remediation and mitigation campaigns using Saviynt
- Support access reviews using Saviynt
- Support ruleset management in Saviynt
- Strong collaboration skills for working with application stakeholders on application security
- Ability to work in global time zones including NA, APAC, and EU as needed. Primary work will be in NA (Chicago)
- Ability to communicate information security matters to managers, auditors, end users, and engineers
- Ability to quickly understand systems to identify and validate security requirements.
- Strong analytical skills, documentation creation skills (presentations and policies), and awareness of change management practices
- Handle highly confidential information in a strictly professional manner
- Able to work outside regular business hours as required, working with different time zones regularly.
- Assist with interactions with business leadership and users to gather and document business and technical requirements (both functional and non-functional)
- Ensure proper documentation and traceability of the business requirements through the solution design and delivery process
- Provide problem resolution of customer issues reported via the IT Service Desk System
- Assist with updating and maintaining cybersecurity policies and standards regarding compliance, education, and security awareness
- Willingness to learn and expand knowledge and capability in new areas as needed
GRC Duties
- Proficient with GRC (Governance, Risk & Compliance) access management tools (e.g., Saviynt EIC)
- Provisioning/de-provisioning users into enterprise ERP applications (including S4/HANA, D365, etc.) or the ability to onboard target applications into the Saviynt EIC tool
- Familiarity with provisioning emergency access (Firefighter) and privileged access management (PAM)
- Experience with management and monitoring of privileged access to all SAP applications, and other cloud-based applications
- Identification and reporting of user segregation of duty (SoD) issues across global applications.
- Working with internal/external auditors to resolve security issues
- Research and document cybersecurity policy exceptions and ensure compliance
Cybersecurity Duties
- Work with our MSSP to preview and prepare vulnerability reporting for distribution to our Infrastructure team for remediation.
- Assist with updating and maintaining cybersecurity policies and standards regarding compliance, education, and security awareness
- Set up, deploy, and report on phishing campaigns and remediation training.
- Prepare bi-annual cybersecurity awareness training and work with the LMS department to set up cybersecurity content from our training partner.
- Work with information systems stakeholders and administrators to understand their security needs.
- Assist with maintaining our IT policy library and annual policy review/renewals.
- Perform research for best practices cybersecurity practices and develop new IT policies to address current security trends.
Core Responsibilities:
- Ability to work both alone and as part of a team environment.
- Work with our users to ensure compliance with all corporate IT policies, procedures, and initiatives.
- Stay up to date with the latest Cybersecurity and GRC vulnerabilities and software.
Education/Work-Related Experience/Skills
- Proven experience as a Cybersecurity Analyst
- Cybersecurity certifications preferred
- AA or bachelor’s degree preferred, but not required
- Minimum of 2 years experience in IT security in an enterprise environment
- Working experience provisioning cloud applications (e.g., S4/HANA, D365, etc.)
- Cybersecurity skills including analyzing vulnerability reports for determining a remediation plan.
- Technical writing including policy and procedural documents.
- Knowledgeable with MFA and authentication processes and protocols
- Familiarity with authentication services, as well as PKI and token/certificate-based authentication, DNS, and AD structure
- Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling, CIS)
- Understanding security frameworks such as ISO 27001, NIST CSF, GDPR, etc.
- Meaningful hands-on experience with GRC tools and SAP is required.
- Security awareness and phishing campaign management and reporting
- Working knowledge of vulnerability management processes and KPI's
- A thorough understanding of technology, tools, policies, and standards related to security systems and incident response
- Solid technical knowledge of Windows and networking environments
- Excellent problem-solving skills with attention to detail.
Sims Limited is proud to be an equal opportunity employer. We value the diversity of all employees and are committed to creating an inclusive working environment where everyone can contribute, advance on merit, and realize their full potential. The company does not discriminate regarding race, sex, religion, color, national origin, citizenship status, disability, age, marital or familial status, sexual orientation, gender identity, gender expression, veteran status, housing status, source of income, or any other status protected by federal, state, or local laws. This applies to any employment decision, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Qualified applicants with a disability needing a reasonable accommodation may request such without fear of reprisal or discrimination.
If you are passionate about cybersecurity and eager to make a difference in the recycling industry, we invite you to apply today and help us secure our future at Sims Limited. To learn more about Sims Limited, please visit www.simsltd.com for more information on Sims and its commitment to sustainability.
Job Type: Full-time
Pay: $80,000.00 - $105,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Parental leave
- Vision insurance
Compensation Package:
Schedule:
Application Question(s):
- Will you now, or in the future, require sponsorship for employment visa status (e.g. H-1B visa status)?
- Are you familiar with provisioning/deprovisioning users into enterprise ERP applications (including S4/HANA, D365, etc.) or ability to onboard target applications into Saviynt EIC tool?
Experience:
- GRC: 3 years (Required)
- Saviynt: 3 years (Required)
License/Certification:
- Cyber Security Certifications (Required)
Work Location: Remote
