Calgon Carbon Corporation is looking for an Information Systems & Security Intern and a Governance, Risk and Compliance Security Analyst. Calgon Carbon is the leader in activated carbon technologies. Its Corporate Headquarters is located in Moon Township.
For the Internship:
The intern will be tasked with assisting with the development of the Calgon Carbon Governance, Risk and Compliance (GRC) program. They will work 40 hours per week.
- Work with the GRC software to grow the platform and its use.
- Work with our Managed Service Provider to align them with the GRC program and its needs, whether defining new policy or remediating vulnerabilities.
- Develop training for the required teams on how to use the GRC tool based on the modules that are built out. An example would be training audit on how to use the audit automation within the GRC tool.
- Current undergraduate or graduate student, focused on Information Security, Information Systems, IT Risk, or related field of study.
- Solid technical understanding of infrastructure and security operations.
- Excellent analysis skills.
- Excellent process engineering skills.
- Solid understanding of Governance, Risk and Compliance and the benefits it provides to the company.
- Ability to communicate in small or large groups and influence individuals to complete assigned deliverables.
- Able to present findings or training sessions to users.
For the Analyst Position:
Calgon Carbon is seeking a Security Analyst with cyber security experience that extends into experience in Governance, Risk and Compliance (GRC) to assist Calgon Carbon in aligning with NIST SP 800-53/171 standards.
- IT security and audit experience with extensive knowledge of national/international security standards including NIST, PCI, DFARS, SOX, ITAR and other regulatory requirements. Conduct security audits and provide recommendations to mitigate risks, including anti-virus solutions, vulnerability scans, and disaster recovery and business continuity work practices.
- Design and implement solutions based on the requirements for the various standards that need to be implemented and followed.
- Conduct Information Risk Assessments as assigned. Clearly and concisely document and communicate risk assessment results as appropriate.
- Conduct and formulate appropriate risk scoring, as it relates to threat, vulnerability, likelihood, impact, security controls/counter-measures, etc.
- Create and maintain security policies and procedures including general corporate policies and specific technology requirements including build and hardening guidelines.
- Evaluate, configure and support security tools and solutions, i.e. SIEM, MFA, DR/BC, etc.
- Conduct gap analysis and create action plans.
- Monitor and/or complete daily, weekly, monthly and quarterly security tasks and work with Calgon Carbon’s Managed Service Provider (MSP) to execute and remediate as required.
- 3-5 years of experience in the cyber security space and in building a GRC program against an industry standard, preferably NIST SP 800-53 and/or 800-171.
- University degree (B.A. or B.S.) – preferred IT, IT Cyber Security, Computer Technology or comparable
- Experience in managing and directing resources from contractors and vendors to achieve desired results.
- Excellent organization, communication, and presentation skills.
- Preference given for certifications such as CISSP, CISM, CEH, etc.
- Possesses a strong entrepreneurial spirit.