Overview
USD 70.00 per hour
Full Time
Skills
SAFE
Incident Management
Security Awareness
Training
Vulnerability Management
Dashboard
IT Service Management
IT Management
Business Software
Threat Analysis
SANS
Media
Patch Management
Management
Documentation
Collaboration
Treasury
Information Security
Regulatory Compliance
Law
LAN
WAN
Vulnerability Scanning
Nessus
Virtual Private Network
Cryptography
Firewall
Intrusion Detection
IT Security
Sarbanes-Oxley
COBIT
ISO/IEC 27001:2005
NIST 800-53
Cyber Security
Electronic Commerce
Penetration Testing
OWASP
Intellectual Property
IP
Quantitative Analysis
Reporting
Microsoft Power BI
IBM Cognos Analytics
Project Management
Communication
Microsoft PowerPoint
Microsoft Excel
Microsoft Visio
Analytical Skill
Conflict Resolution
Problem Solving
Emerging Technologies
Mobile Device Management
Mobile Devices
Security Architecture
Cloud Computing
PaaS
SaaS
IaaS
Virtualization
IBM I
IBM iSeries
Threat Modeling
Identity Management
CyberArk
Payment Card Industry
Data Security
PCI DSS
Security+
Network+
CISA
Certified Ethical Hacker
Cisco Certifications
GSEC
Network
Distribution
Health Care
Job Details
Job Description
We Deliver the Goods:
Performance Food Group is looking for a talented Information Security Analyst to play a key role in overseeing aspects of PFG's Information Security Program. This role reports to the Manager of Information Security and partners with Infrastructure and Application teams in the definition of enterprise security architecture. The candidate will plan and carry out security measures to protect the organization's computer networks and systems. The candidate will administer multiple security capabilities/programs, partner with other organizations in overseeing the operation of security capabilities protecting end user systems, and perform technical assessments of applications and supporting infrastructure.
Position Responsibilities:
EEO Statement
Performance Food Group and/or its subsidiaries (individually or collectively, the "Company") provides equal employment opportunity (EEO) to all applicants and employees, regardless of race, color, national origin, sex, marital status, pregnancy, sexual orientation, gender identity, religion, age, disability, genetic information, veteran status, and any other characteristic protected by applicable local, state and federal laws and regulations. Please click on the following links to review: (1) our EEO Policy; (2) the "EEO is the Law" poster and supplement; and (3) the Pay Transparency Policy Statement.
Required Qualifications
Required Education: Associates/2-year technical
Required Experience: 1 - 3 Years
2+ years of related work experience
Conceptual understanding with network (LAN, WAN, Perimeter) security best practices
Conceptual understanding of vulnerability scanning utilities/solutions, specifically Tenable/Nessus
Conceptual understanding with traditional security concepts: VPN, Cryptography, Firewalls, Intrusion Detection
Conceptual understanding of IT security and assurance mandates/frameworks such as: Sarbanes-Oxley, CobIT, ISO 27001, NIST 800-53
Conceptual understanding with cybersecurity concepts and countermeasures; Securing ecommerce capabilities; Identity and Access Management concepts, processes, and tools; and penetration testing tools, concepts, attacks/exploits (e.g. OWASP top ten, IP spoofing, syn flood, DDOS etc.) and procedures
Able to conduct qualitative and quantitative analysis of large and complex data sets, experienced with desktop application and associated analytic/reporting utilities (MS Excel, MS Power BI, Cognos)
Proficient project management skills
Strong written and verbal communication skills
Strong MS Office skills (specifically PowerPoint, Word, Excel, Project, Visio)
Demonstrated high level of analytical and problem solving skills
Preferred Qualifications
Preferred Education: Bachelors
Preferred Experience: 3 - 5 Years
Security +, Network +, CISA, CEH, or GSEC professional certification desired
Technical experience with the following emerging technologies/concepts desired: Mobile Device Management, Mobile device security architecture, Security-related aspects of cloud architectures (PaaS, SaaS, IaaS), Virtualization, Advanced Persistent Threats
Experience with iSeries AS/400 (IBM i/ iSeries) security; Threat Modeling; Privileged user management tools (i.e. Cyberark) and processes; Microsoft SharePoint; Working in outsourced IT provider environments; and Payment Card Industry Data Security Standards (PCI-DSS)
Familiarity with secure coding best practices desired
Preferred Professional Certification(s): Security +, Network +, CISA, CEH, CCNA, or GSEC professional certification desire
Company Description
Performance Food Group is a customer-centric foodservice distribution leader headquartered in Richmond, Va. Grounded by roots that date back to a grocery peddler in 1885, PFG has a nationwide network of approximately 150 distribution centers, 35,000-plus talented associates, and thousands of valued suppliers across the country. With the goal of helping customers thrive, PFG markets and delivers quality food and related products to independent and chain restaurants, schools, business and industry locations, convenience operations, healthcare facilities, vending distributors, office coffee service distributors, big box retailers, and theaters across the U.S.
We Deliver the Goods:
- Competitive pay and benefits, including Day 1 Health & Wellness Benefits, Employee Stock Purchase Plan, 401K Employer Matching, Education Assistance, Paid Time Off, and much more
- Growth opportunities performing essential work to support America's food distribution system
- Safe and inclusive working environment, including culture of rewards, recognition, and respect
Performance Food Group is looking for a talented Information Security Analyst to play a key role in overseeing aspects of PFG's Information Security Program. This role reports to the Manager of Information Security and partners with Infrastructure and Application teams in the definition of enterprise security architecture. The candidate will plan and carry out security measures to protect the organization's computer networks and systems. The candidate will administer multiple security capabilities/programs, partner with other organizations in overseeing the operation of security capabilities protecting end user systems, and perform technical assessments of applications and supporting infrastructure.
Position Responsibilities:
- Support activities in Security Incident Response Management program
- Provide oversight and guidance to staff for Information Security related capabilities and processes (e.g. Phishing, Security Education, Incident Identification and Response, PCI DSS)
- Coordinate and Administer PFG's Security Awareness Education Program and associated activities and tools, including ad-hoc advisories, mock phishing, and Computer Based Training.
- Support activities relating to the management of the enterprise vulnerability management program
- Produce reports/dashboards, metrics, and insights to IT Service Delivery Owners, IT leadership, and line of business application owners related to the area of direct responsibility or those which you support.
- Monitor threat intelligence feeds (SANS, software manufacturer alerts, industry news media) for threats and vulnerability information to augment internal vulnerability and patch management processes, working with delivery teams to track, prioritize, and mitigate/remediate identified gaps.
- Coordinate Payment Card Industry Data Security Standards Steering Committee meetings, manage compliance documentation in collaboration with and oversight from Information Security and Treasury stakeholders.
- Advocate for and institute controls that support compliance with the Enterprise Information Security Policy.
- Ensure compliance with regulatory mandates (i.e. Sarbanes Oxley section 404, PCI DSS)
- Performs other related duties as assigned.
EEO Statement
Performance Food Group and/or its subsidiaries (individually or collectively, the "Company") provides equal employment opportunity (EEO) to all applicants and employees, regardless of race, color, national origin, sex, marital status, pregnancy, sexual orientation, gender identity, religion, age, disability, genetic information, veteran status, and any other characteristic protected by applicable local, state and federal laws and regulations. Please click on the following links to review: (1) our EEO Policy; (2) the "EEO is the Law" poster and supplement; and (3) the Pay Transparency Policy Statement.
Required Qualifications
Required Education: Associates/2-year technical
Required Experience: 1 - 3 Years
2+ years of related work experience
Conceptual understanding with network (LAN, WAN, Perimeter) security best practices
Conceptual understanding of vulnerability scanning utilities/solutions, specifically Tenable/Nessus
Conceptual understanding with traditional security concepts: VPN, Cryptography, Firewalls, Intrusion Detection
Conceptual understanding of IT security and assurance mandates/frameworks such as: Sarbanes-Oxley, CobIT, ISO 27001, NIST 800-53
Conceptual understanding with cybersecurity concepts and countermeasures; Securing ecommerce capabilities; Identity and Access Management concepts, processes, and tools; and penetration testing tools, concepts, attacks/exploits (e.g. OWASP top ten, IP spoofing, syn flood, DDOS etc.) and procedures
Able to conduct qualitative and quantitative analysis of large and complex data sets, experienced with desktop application and associated analytic/reporting utilities (MS Excel, MS Power BI, Cognos)
Proficient project management skills
Strong written and verbal communication skills
Strong MS Office skills (specifically PowerPoint, Word, Excel, Project, Visio)
Demonstrated high level of analytical and problem solving skills
Preferred Qualifications
Preferred Education: Bachelors
Preferred Experience: 3 - 5 Years
Security +, Network +, CISA, CEH, or GSEC professional certification desired
Technical experience with the following emerging technologies/concepts desired: Mobile Device Management, Mobile device security architecture, Security-related aspects of cloud architectures (PaaS, SaaS, IaaS), Virtualization, Advanced Persistent Threats
Experience with iSeries AS/400 (IBM i/ iSeries) security; Threat Modeling; Privileged user management tools (i.e. Cyberark) and processes; Microsoft SharePoint; Working in outsourced IT provider environments; and Payment Card Industry Data Security Standards (PCI-DSS)
Familiarity with secure coding best practices desired
Preferred Professional Certification(s): Security +, Network +, CISA, CEH, CCNA, or GSEC professional certification desire
Company Description
Performance Food Group is a customer-centric foodservice distribution leader headquartered in Richmond, Va. Grounded by roots that date back to a grocery peddler in 1885, PFG has a nationwide network of approximately 150 distribution centers, 35,000-plus talented associates, and thousands of valued suppliers across the country. With the goal of helping customers thrive, PFG markets and delivers quality food and related products to independent and chain restaurants, schools, business and industry locations, convenience operations, healthcare facilities, vending distributors, office coffee service distributors, big box retailers, and theaters across the U.S.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.