Key skills
Risk ManagementCloud Security
About this role
Crane NXT is focused on optimizing enterprise security technologies across its businesses, and they are seeking a Security Engineer to serve as a primary information security advisor. This role involves configuring security tools, collaborating with business units to optimize security controls, and assessing potential risks to enhance security measures.
Responsibilities:
- Assist with the configuration, tuning, monitoring, and continuous improvement of all GIS security tools
- Collaborate with business units to ensure security controls are properly optimized and function as intended across all IT and OT systems
- Guide business units in the development and maintenance of cloud security policies and standards, ensuring alignment with industry best practices
- Assess and identify potential risks to Crane NXT, and when appropriate, recommend and implement improvements to technologies and processes across business units and within the Global Information Security (GIS) organization
- Assist in proof-of-concept (POC) activities to validate solutions for security, functionality, and seamless business integration
- Collaborate with and guide business unit IT teams to ensure proficiency in security technologies and best practices
- Maintain relevant knowledge of current and leading-edge information security technologies and how these may be applicable to Crane NXT
Requirements:
- 4–6 years of experience in cybersecurity engineering, security operations, or IT infrastructure
- Experience securing manufacturing environments using OT Security best practices
- Experience with securing cloud and hybrid environments
- Technical expertise across multiple disciplines within cyber security, such as operational technology, cloud security controls, networking, email security, directory services, server security, intrusion detection/prevention, endpoint protection/EDR, application control, incident response, web application firewalls; experience with cyber security frameworks and regulatory requirements
- Strong understanding of leading-edge information security technologies
- Ability to work in a collaborative environment
- Bachelor's degree in cybersecurity, computer science, information systems, engineering, or a related field
- Exposure to OT/ICS environments such as PLC, HMI, SCADA, or industrial networks
- Relevant certifications such as AZ-500, Security+, ITIL, CISSP, CISM, CCSP and CRISC
- Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management
- Understanding of risk-based decision-making (e.g., risk analysis, mitigation, resolution, acceptance, etc.)