CECO Environmental

GRC Analyst, IT Cybersecurity

Location US-TX-Addison
ID 2024-2588
Category
Information Technology
Position Type
Regular Full-Time
Remote
No

Job Summary

CECO is a leading, environmentally focused diversified industrial company, delivering innovative solutions that protect people, the environment, and industrial equipment worldwide. With more than 150 years of history and deep application expertise, CECO serves a broad range of industries, including air, water, and energy transition markets. Our legacy began in 1869 with the founding of the Dean Brothers Pump Company, addressing high-temperature pumping challenges. A century later, Claremont Engineering was established, evolving into CECO Environmental. Today, CECO proudly encompasses over 20 trusted brands, each committed to providing solutions that safeguard people, the environment, and industrial operations. 

 

As part of the CECO corporate team, you will play a key role in supporting the continued growth and success of our global family of brands. Whether working in finance, HR, IT, accounting, marketing, or another corporate function, your expertise will help drive efficiency and innovation across our organization. By joining CECO, you’ll be part of a company committed to protecting the environment and enhancing industrial operations, all while fostering a collaborative and purpose-driven work environment. 

 

We are looking for a Cybersecurity GRC Analyst to provide technical guidance and implementations across our business. CECO has a number of manufacturing sites across the globe and a diverse footprint of technologies and customers driving our growth. The successful individual would need to be comfortable engaging with users from all departments and locations to ensure security requirements are communicated and understood.

The Cybersecurity GRC Analyst will have the key focus on supporting the continual improvement of cybersecurity and aligning our solutions with corporate standards and compliance frameworks. This would include a key focus on CMMC and other certifications, supporting audits and maintaining compliance, developing and publishing policies, and driving continual improvement in cybersecurity metrics.

The Cybersecurity GRC Analyst will build effective relationships with business users to gain an understanding of their business processes and associated cybersecurity requirements. They are expected to use this knowledge to ensure that the business remains compliant with the appropriate standards and controls, as well as ensuring security solutions are appropriate to business needs.

The individual will need to be a pragmatic self-starter who is rolling up their sleeves and ‘doing’. Someone who can balance the needs of security requirements against what our users need to carry out their role successfully. The cybersecurity team is small but growing, so there will be a number of opportunities to learn and contribute to different areas of our security growth.

  

 

Your Responsibilities will be:

This job description represents only the primary areas of responsibility; specific position assignments will vary depending on the needs of the department.

To perform the job successfully, an individual must be able to execute each essential duty satisfactorily.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 

  •  Co-ordinate vulnerability management and ensure relevant vulnerabilities and risks are identified and mitigated, both on premise and in the cloud.

  •  

     Monitor computer networks for security issues, working with the Cybersecurity and IT teams to investigate issues.

  •  

     Identify and monitor external information sources, making recommendations on the latest security threats and vulnerabilities.

  •  

     Support successful CMMC certification and compliance with various NIST standards.

  •  

    Develop and maintain Compliance tools at CECO, using Microsoft Compliance Portal / Purview to enhance our Data Loss Prevention (DLP), Insider Risk Management (IRM), and overall data security

  •  

    ·Work with cybersecurity leadership to implement items on the cybersecurity strategy and maintain an on-going program of security testing.

  •  

     Test and evaluate new technology.

  •  

     Stay up-to-date on information technology trends and security standards.

 

Required Qualifications: 

  • A bachelor’s degree in computer science, Information Systems, Business Management or a related field and 3+ years of experience; or an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.
  • Working knowledge of SOX, CMMC, GDPR, PCI compliance requirements

 

Preferred Qualifications:

  •  Experience of dealing with Operational Technology issues in a Manufacturing environment

  •  

     Experience in supporting a global and multi-cultural organization.

  • Relevant Cybersecurity, Audit, Risk and Compliance certifications (strongly preferred)

 

 

 

 

ADA REQUIREMENTS (For U.S. positions only):

 

Positions in this function typically require typing, sitting, climbing, balancing, stooping, kneeling, crouching, crawling, reaching, standing, walking, pushing, pulling, lifting, fingering, grasping, feeling, talking, hearing, seeing and repetitive motions.

 

  • Concentrated mental and/or visual attention. The work involves performing complex tasks to very close accuracy and quality specifications, or a high degree of hand and eye coordination for sustained periods.
  • The job is typically performed under comfortable working conditions; any disagreeable elements are generally absent during normal performance of job.
  • Compliance with company attendance standards.

 

Sedentary Work: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

   

We Offer: 

We provide a variety of medical insurance plans, with dental and vision coverage, Employee 401(k), tuition reimbursement, and much more.  

At CECO, we are committed to a culture where every employee is valued and respected for their unique experiences and perspectives. We believe a diverse and inclusive work environment contributes to the rich exchange of ideas and diversity of thoughts, that inspires innovation and brings the best solutions to our customers.  

 

ABOUT US 

CECO’s Commitment to Our People 

At CECO, our people are at the center of everything we do. Whether you’re a professional looking for a career change, an undergraduate student exploring opportunities, or a recent graduate with an advanced degree, you’ll find your chance to make a difference with CECO. 

 

ABOUT CECO 

CECO Environmental is a leading environmentally focused, diversified industrial company whose solutions protect people, the environment, and industrial equipment across the globe, serving a broad landscape of industrial air, industrial water and energy transition markets. 

We serve these markets and our global customers through our key business segments: Engineered Systems and Industrial Process Solutions. Learn more about CECO by visiting About Us

 

 

Equal Opportunity Employer 

CECO is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. 

 

Accessibility Assistance or Accommodation 

If you have a disability and are having difficulty accessing or using this website to apply for a position, please contact: hr@OneCeco.com.    

 

 

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed