Skip Navigation

Cleveland-Cliffs

Search Jobs

View All Jobs

Career Opportunity

IT Security Engineer

Job ID 11662794 Date posted 04/25/2019
Location:Cleveland, OH
Country:United States
Job Code:2974
Position Type:Salary

About Cleveland-Cliffs Inc.

Founded in 1847, Cleveland-Cliffs Inc. is the largest and oldest independent iron ore mining company in the United States. We are a major supplier of iron ore pellets to the North American steel industry from our mines and pellet plants located in Michigan and Minnesota. By 2020, Cliffs expects to be the sole producer of hot briquetted iron (HBI) in the Great Lakes region with the development of its first production plant in Toledo, OH. Driven by the core values of safety, social, environmental and capital stewardship, our employees endeavor to provide all stakeholders with operating and financial transparency. For more information, visithttp://www.clevelandcliffs.com

Thank you for your interest in exploring a career opportunity with Cleveland-Cliffs. Our Career site is updated daily with new opportunities, so please check back often.


Description


Summary of Principle Functions


The IT Security Engineer evaluates and monitors information security related configurations, processes and controls across the company. This role researches, recommends, implements, and maintains changes to enhance information systems security. The incumbent will interface with infrastructure engineering/architecture resources, software application administrators, database administrators, network engineers, as well as senior management, and mine site/field services resources.

This role manages medium to large initiatives to enhance the security posture of the organization which is composed of over 800 network devices supporting 2,000+ end users. This role will provide support to systems and projects and will work with teams across many different technical disciplines and geographic locations.

This role will also identify and investigate anomalies and produces status reports and metrics reflecting the current state of security within the company. This may include performing forensic captures in accordance with defined procedures and chain of custody requirements.

Specific Responsibilities/Essential Functions


  • This role will be responsible to help manage vulnerability management, identity access management (including single-sign-on), privileged account management, end point protection, email filtering, threat prevention and detection, incident response, security vendor management (and working with outside vendors on security assessments and penetration testing), and responding to a centralized security information and event management system (that is externally managed).

  • Identifies and evaluates potential threats and vulnerabilities (either detected internally or publicly announced) that could impact the companies applications or infrastructure and recommends mitigating controls to reduce the companies risk

  • Maintain workable knowledge and understanding of information security, risk management and regulatory compliance topics.Maintains professional/technical currency of information security knowledge

  • Point of contact for the security information and event management process for all monitoring, logging, alerting, auditing and reporting on threats, vulnerabilities and breaches. Working with managed service provider, determine the appropriate thresholds and monitor the environment for anomalous behavior

  • Knowledgeable in the “white-hat” use of hacking tool and techniques and skilled in Active Directory management and concepts

  • Technical responsibilities for working on security events and incident response management

  • Conduct assessments of the businesses’ compliance to information security policy in the areas of manual or automated processes, procedures and access control

  • Work with internal and external audit to acquire and maintain knowledge of current Cleveland-Cliffs standards, policies, procedures and audit requirements. Communicates with intra and inter-department team members as required, as well as members of Cleveland-Cliffs’ technical and project management teams

  • Perform additional duties as directed by the Manager of Infrastructure & Security Services

  • Provide support for other team members as required

  • Ability to respond to emergency service calls at any time outside of normally assigned work hours

  • Willingness and ability to commute between Cleveland and Canton data centers on an as needed basis.

  • Willingness to travel up to 10%, including international travel, and be flexible to work various hours to accommodate international business needs

Education/Experience Requirements


Education:

  • Bachelor’s Degree in a related field or 5+ years equivalent IT experience with a minimum of 2-3 years security experience
  • Security certifications (such as GISF or GSEC) preferred but not required
  • Related industry experience is preferred.
  • Knowledge of mining business and systems a plus.

Experience:

  • Experience with vulnerability management toolsets, hacking toolsets, and security information and event management systems (Qualys and AlienVault highly preferred). Past experience developing dashboards and reports to measure the company’s security posture

  • Installation, integration and support of Microsoft technologies including all versions of Windows and Windows Server, VMware, Active Directory, Group Policies, DNS, and DHCP.Knowledge of an Office 365 environment would be a plus.

  • Managing and maintaining end-point protection and application security platforms (Cylance and Malwarebytes experience is highly preferred)

  • Experience with managing a privileged account management solution (CyberArk highly desired)

  • Previous experience with administering email filtering and threat prevention modules (ProofPoint highly preferred)

  • Previous experience with managing Microsoft file server security permission and auditing tools

  • Experience with a threat detection and incident response program, ideal candidate will have leveraged a tool like ProofPoint Threat Response and Darktrace

  • Security vendor management experience and the ability to work with these vendors on security assessments and penetration testing

  • Effectively able to diagnose/troubleshoot on various security technologies

  • Ability to communicate with and understand the needs of non-technical constituents, both internal and external

  • Demonstrated experience working on projects, training, designing process solutions, and directly interacting with customers


LinkedIn

Get Job Recommendations

With just 1 click and a connection with LinkedIn, you can receive job listings that best match your previous positions.

Get recommendations

C&E Awards

The U.S. Talent Acquisition team was awarded a 2012 Candidate Experience Award by the Talent Board. The Talent Board is a non-profit organization that showcases employers who deliver outstanding candidate experiences. This is the second year in a row that Cliffs has earned this award, which is based on feedback directly from our job candidates. Cliffs is the only Natural Resources company to receive this award.

2012 Candidate Experience Award Learn More

Join Our Talent Community

Select InterestsSelect a category and/or location from the auto suggestions and click “Add.”

Useful Links

Similar Jobs