We are a Fortune 200 company, proud to call Richmond, Virginia our home. Our companies – which have been the undisputed market leaders in the U.S. tobacco industry for decades – include some of the most enduring names in American business: Philip Morris USA, the maker of Marlboro cigarettes, and U.S. Smokeless Tobacco Company, the maker of Copenhagen and Skoal. We also own John Middleton, manufacturer of Black & Mild cigars, Nat Sherman, a super-premium cigarette and cigar business and Nu Mark, an innovation company which makes e-vapor products like Mark Ten. We complement our total tobacco platform with Ste. Michelle Wine Estates, a collection of distinctive wine estates and maker of Chateau Ste. Michelle, and our significant equity investment in Anheuser-Busch InBev – the world's largest brewer.Altria Client Services’ role is to provide high quality services to the Altria family of companies. We are currently seeking a highly qualified Principal Security Analyst to join our Global Threat Management and Security Operations (GTMSO) department in Richmond, VA. Key Accountabilities/Responsibilities:
Desired Skills/Qualifications Include:
- Act as subject matter expert for Vulnerability & Threat Management (VTM) and CSIRT matters, while representing GTMSO in various projects, ongoing security operations and improvement initiatives.
- Serve as Lead of Altria Computer Security Incident Response Team (CSIRT); and participate in on-call Handler rotation. Develop CSIRT infrastructure, execute CSIRT program improvements, plan incident response exercises, provide incident response training to other CSIRT Handlers and responders on effective Incident Response procedures. Provide governance of Managed Security Service Provider Incident Management program; includes managing onsite MSSP Incident Manager to ensure effective day-to-day Security Operations Center Incident Management. Provide supplier management and governance of suppliers on retainer for CSIRT support; includes, larger scale incident response support, and CSIRT improvement activities.
- Serve as Lead of the Altria VTM program. Manage vulnerability management life cycle for Altria's IT Assets across all operating companies; including development of a repeatable remediation process, logical and effective scan scheduling, process for ensuring accurate and timely targeting information, process for timely and accurate reporting on findings. Ensuring close collaboration with IT Operations and other key stakeholders (e.g., Risk Owners, BISOs, Business/Account Support Teams, etc.) to ensure timely discovery and remediation of vulnerabilities, while not impeding upon competing objectives or disrupting steady state operations. Includes providing governance and technical oversight of Managed Security Services Provider services associated with VTM program.
- Manage Altria's Threat & Vulnerability Intelligence efforts, to include enterprise patch management activities and processing of Intelligence alerts from MSSP Threat Intelligence service.
- Support Altria Risk Intelligence Reporting (RIR) program by providing timely inputs to periodic and ad hoc reporting cycles. Work with RIR team to adjust and/or develop appropriate metrics associated with CSIRT, Security Operations, and VTM programs.
- Execute Supplier Management and procurement tasks as required.
- Represent GTMSO organization in a wide array of IT application and infrastructure projects requiring broad knowledge of security.
At Altria, we recognize that our people are the reason we achieve our business goals. We believe in developing the leadership potential of our employees by providing them with opportunities for training, development and advancement
- Bachelor's degree in Computer Science, Information Systems, Engineering or related discipline preferred. Minimum of 8 years IT experience with 5+ years of Information Security expierience; 3+ years of hands-on experience with computer security incident response, including leading/managing an Incident Response program; 3+ years experience with an enterprise vulnerability management program management.
- Expert knowledge of security incident response and incident handling techniques. Experience designing, implementing, and managing an enterprise wide incident response program.
- Expert understanding of vulnerability scanning & detection technologies/techniques; such as QualysGuard, Rapid7 NeXpose, Nessus, Onapsis, nmap, Kenna, as well as network penetration testing techniques. Experience designing, implementing, and managing an enterprise wise vulnerability management program.
- Broad knowledge of IT technologies, Operating Systems and Applications platforms; including, Security Incident and Event Management systems such as Qradar, Splunk, and LogRhythm. Detailed understanding of IT security concepts and Defense-in-Depth practices
- Experience working in a highly matrixed, highly outsourced technical environment.
- Certified Information System Security Professional (CISSP) certification and GIAC Certified Incident Handler (GCIH) desired.
- Excellent verbal and written communication and interpersonal skills
In addition to the opportunity to apply and develop your skills toward key business objectives, we offer an excellent compensation package including a competitive base salary, comprehensive health/vision/dental insurance, participation in our incentive compensation and deferred profit sharing programs as well as a relocation assistance package.
Each Altria company is an equal opportunity employer. We consider qualified applicants without regard to race, color, religion, sex, national origin, sexual orientation, disability, gender identity, protected veteran status, or other protected class.