JOIN THE TEAM THAT’S POWERING PROGRESS Building cities. Driving commerce. Saving lives. For over 100 years, Allison Transmission has powered the vehicles and technology that move our world forward.What powers us? Our employees. From the first person hired by James Allison in 1915 to the thousands across the globe who work for Allison today, we’re driving progress everywhere because we employ top talent worldwide. Learn more about this role and how you can begin driving your career forward! Job Title:Advance Cyber Threat and Vulnerability Management AnalystPay Grade:T2Job Description:As an Advance Cyber Threat and Vulnerability Management Analyst, you will play a critical role in enhancing our cybersecurity posture by participating in threat actor-based investigations, creating innovative detection methodologies, providing support to incident response, and leading our vulnerability management program. This position focuses on effectively detecting, disrupting, and mitigating the presence of threat actors within our enterprise networks while proactively identifying and managing vulnerabilities. To accomplish this mission, you will leverage data analysis, threat intelligence, and cutting-edge security technologies. Additionally, you will collaborate closely with the Security Operations Team to apply your analytic and technical skills in investigating intrusions, identify malicious activities and potential insider threats, managing vulnerabilities, and executing comprehensive incident response strategies.
Maintain an up-to-date inventory of all assets, ensuring accurate documentation for effective vulnerability management.
Conduct regular vulnerability scans and assessments on systems, applications, and networks to identify potential weaknesses.
Assist in assessing and prioritizing identified vulnerabilities based on their severity, potential impact, and the criticality of the affected assets.
Collaborate with team members to support the development and execution of remediation strategies to address identified vulnerabilities.
Monitor for new vulnerabilities and reassess existing ones to ensure ongoing protection of systems and data.
Assist in creating and maintaining clear and documented workflows for vulnerability management processes to ensure consistency and efficiency.
Help establish and track key performance indicators (KPIs) to evaluate the effectiveness of the vulnerability management program.
Support the assignment of responsibilities within the team for the success of the vulnerability management program.
Contribute to improving visibility into the organization’s security posture through comprehensive scanning and reporting.
Engage in regular reviews of vulnerability management practices to provide input for refining processes in response to evolving threats.
Assist in developing and conducting hypotheses-driven investigations for emerging threats, collaborating with senior analysts as needed.
Participate as a first responder for cyber-security incidents, monitor alerts, events and incidents identified through security event management tools and confirm validity of identified incidents.
Help analyze network and system logs to identify indicators of compromise (IoCs) and potential advanced persistent threats (APTs).
Utilize threat intelligence feeds to support investigations of known indicators of attack (IoAs) and tactics, techniques, and procedures (TTPs) employed by adversaries.
Monitor the average time taken to triage and investigate identified security incidents, aiming to minimize response times and effectively determine their scope, impact, and root cause.
Track adherence to security policies and procedures by measuring the percentage of monitored systems that comply and identifying anomalies that indicate violations.
Establish a schedule for regular vulnerability scanning and identify and assess vulnerabilities.
Measure the percentage of identified vulnerabilities that are prioritized and remediated within a defined timeframe, ensuring high-risk vulnerabilities are addressed promptly.
Assess the relevance and impact of threat intelligence by measuring the number of threat hunting initiatives that are informed by intelligence reports, as well as the success rate in identifying and mitigating advanced threats.
Competencies and Behaviors:
The Highest Standards in Everything We Do
Takes responsibility to deliver and can be counted on to deliver results in the right way.
Adheres to a core set of values and acts in line with those values.
Drive a Positive Customer Experience
Thinks through the consequences of actions with different stakeholders.
Gains the trust of others through active engagement.
Improve the Way the World Works:
Can identify and implement complex process improvements.
Learns and adapts quickly when facing new problems.
Teamwork
Solves problems with peers in a professional and constructive way.
Steps up to lead peers when needed and demonstrates passion and engagement in working with the team.
Qualifications
· Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
· Completion of relevant coursework or certifications (e.g., CompTIA Security+, Certified Ethical Hacker, etc.) is a plus.
· Basic understanding of cybersecurity principles, practices, and common vulnerabilities.
· Familiarity with security tools and software used for vulnerability scanning and incident detection.
· Strong analytical skills, with the ability to assess information criticality and identify trends and anomalies.
· Capable of conducting systematic investigations and gathering relevant information to inform decision-making.
· Excellent communication skills, both verbal and written, with the ability to clearly articulate technical concepts to various audiences.
· A proactive and collaborative mindset, eager to learn and contribute to team efforts.
Strong attention to detail and the ability to manage multiple tasks effectively.
Required:
At least 1 year of experience in a technical role related to Security Operation, Vulnerability Management, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
Practical experience with vulnerability scanning tools and cybersecurity software and application tool support.
Required:
At least 1 year of experience in a technical role related to Security Operation, Vulnerability Management, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
Practical experience with vulnerability scanning tools and cybersecurity software and application tool support.
Preferred:
Familiarity with IT controls monitoring for regulatory and compliance requirements such as SOX, NIST, and DFAR is a plus.
This position involves proactive threat hunting, incident response, and vulnerability management, requiring a strong analytical skill set and attention to detail.
Requires the ability to navigate complex security environments and prioritize multiple tasks effectively.
Must work closely with IT operations and application support teams to facilitate the timely remediation of vulnerabilities.
Engage with cross-functional teams to ensure alignment on security initiatives and response strategies.
Supports the global operations of ATI, collaborating with teams across multiple geographic locations.
Requires adaptability and awareness of diverse regulatory requirements impacting security policies across the global organization.
Primary Location:Indianapolis, INAdditional Locations:Allison Transmission is an equal opportunity employer. We have opportunities for all qualified applicants regardless of age, race, color, sex, religion, creed, national origin, disability, sexual orientation, gender identity/expression or veteran status.If you are an individual with a disability or a disabled veteran requiring assistance and/or reasonable accommodations reviewing any of the careers information, please contact us at [email protected] .Please note that Allison Transmission will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Allison Transmission will not solicit money or banking information from applicants. Allison Transmission is an equal opportunity employer. We have opportunities for all qualified applicants regardless of age, race, color, sex, religion, creed, national origin, disability, sexual orientation, gender identity/expression or veteran status.If you are an individual with a disability or a disabled veteran requiring assistance and/or reasonable accommodations reviewing any of the careers information, please contact us at 317-242-5000.Please note that Allison Transmission will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Allison Transmission will not solicit money or banking information from applicants.