Apogee Enterprises, Inc. (NASDAQ: APOG), founded in 1949 and is headquartered in Minneapolis, MN. Apogee is a growing, profitable company with annual revenues approaching $1.4 billion. It provides distinctive metal and glass solutions for enclosing commercial buildings, and glass and acrylic solutions for picture framing and display applications. Brands in the Apogee family include Alumicor, EFCO, Harmon, Linetec, Tru Vue, Tubelite, and Viracon.

Position Summary

The Information Security Analyst is tasked with the initial investigations and review of system alerts, logs, and reports as well as assisting with the planning, implementation, and maintenance of enterprise operational defenses. This individual is additionally responsible for maintaining and extending the existing suite of defenses and assisting in the creation of policies and other documentation. The Information Security Analyst also participates as a member of the Apogee Security Incident Response Team (SIRT) to identify and resolve potential security incidents.

Reporting directly to the Apogee Sr. Director of Cybersecurity and IT Compliance, the incumbent will investigate events, maintain security controls, and help to foster a security-first culture across the company.

Responsibilities

• Review system alerts and perform investigations into the nature of the alerts,
• Review system logs and reports for interesting behaviors and unusual trends which may indicate compromise.
• Participate as a member of the Cybersecurity Team in developing and maintaining Apogee's security strategies.
• Assist with rule tuning/optimization for the following systems: Centralized Logging, Intrusion Detection, Application Vulnerability Scanning, Advanced Endpoint Protection, Firewalls, and SIEM.
• Recommend control enhancements to senior Cybersecurity staff and management.
• Validate system and device hardening standards.
• Maintain ongoing knowledge of information security technologies.
• Participate in Incident Response investigations as a member of the Apogee SIRT.
• Attend and participate in after hours and weekend maintenance as necessary.
• Attend and participate in staff, project and vendor meetings.
• Maintain and ensure confidentiality of company, client and employee data.

Personal Attributes

The successful candidate will be expected to be a high-energy, creative, and resourceful self-starter who demonstrates technical skills, instincts, and significant capacity for work. They are highly analytical and enthusiastic with a commitment to excellence. In terms of personal competencies, the successful candidate must be a problem solver and adept communicator with a thirst for understanding. In addition, they should possess the following competencies:

• Ethics: Highest level of professional integrity and honesty as well as personal credibility.
• Results-Oriented: A driver who possesses the ability to take actions and implement effective solutions in a timely manner.
• Teamwork and Interpersonal Skills: A team player, receptive to ideas from others. Shares information and keeps team members and partners informed. Works effectively with others to identify and resolve issues.
• Problem Solver: Exceptional analytical and problem-solving abilities and an understanding of how to utilize technology to fulfill work requirements.

Education & Experience

Minimum requirements:

• 1-2 years' experience working in an IT environment.
• Good understanding of computer and network systems characteristics, features, and operational capabilities.
• Experience reading system logs and managing work through a ticketing system/queue.
• Demonstrated ability to effectively communicate technical concepts to staff of all technical abilities.

Preferred:

• A.S. or B.S. in Computer Science, MIS, or related Information Technology field highly preferred
• Experience with event analysis and incident response.

• Knowledge of and experience with common security frameworks such as CIS, NIST, and ISO 27001.
• Understanding of SOC 1 and 2 control creation and management.

#LI-TV1

Apogee and our brands are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status or any other characteristic protected by state or federal law.