At Oshkosh, we build, serve and protect people and communities around the world by designing and manufacturing some of the toughest specialty trucks and access equipment. We employ over 17,000 team members all united by a common purpose. Our engineering and product innovation help keep soldiers and firefighters safe, are critical in building and keeping communities clean, and help people do their jobs every day.
Oshkosh Corporation owns significant assets in the form of information. Some of these assets lose substantial value if they are improperly disclosed, and similar disclosure of other assets could result in significant harm to the organization. This role will support the Cybersecurity mission by working with the business as a trusted advisor to reduce cybersecurity risks to acceptable levels. Specifically, the role acts as the organization’s mechanism to identify, maintain, and improve cybersecurity controls by using a risk-based approach and creating effective education and awareness to preserve the confidentiality, integrity, and availability of company information.
YOUR IMPACT
These duties are not meant to be all-inclusive and other duties may be assigned.
Manage a 24x5 team making up SOC and Incident Responder capabilities as well as the day-to-day interactions and operations of an industry-leading MDR provider.
Employ strategies, standards, processes, and technology to detect, respond and recover from security incidents and to limit the impact of any such occurrence or re-occurrence by using risk-based triage.
Encourage cross team collaboration with outside groups by improving communication, providing critical feedback, and mentoring.
Compile metrics covering the different work that the cybersecurity incident response team does and create and improve upon industry standard metrics to help improve the operational excellence of the team.
Drive continued growth and improvement with analysts through individual improvement meetings (1-on-1), training goals, case reviews, yearly employee reviews and feedback.
Manage the MDR and vendor relationships and discover ways to improve or grow the relationship.
Work with other leaders to improve the operational playbooks and other training and education material with the goal of improving response time (MTTR), create awareness where automation and orchestration can be used, and create a team of highly functional analysts.
Build processes around InfoSec risk models, and in coordination with other functional teams (e.g., HR, Finance, IT, Engineering), work to securely respond to the cyber risks associated with business activities and technical implementations.
Participate in pen testing and purple team events that are put on to strengthen our knowledge of our environment.
Contribute to the development and execution of the group strategy by providing thought leadership on all aspects of cybersecurity. Partner with business leadership to align and integrate cybersecurity and business strategies.
This position reports to the Senior Manager of Cyber Defense.
MINIMUM QUALIFICATIONS
Bachelor’s degree in Cybersecurity, Information Systems or equivalent.
Five (5) or more years of Information Technology, Communication, or related field experience (including class work).
Ability to travel 10% of the time.
US Citizen
STANDOUT QUALIFICATIONS
Relevant industry recognized certifications (CISSP, CEH, GIAC, Security+, SSAP, etc.)
Desire to lead and manage a group of people in the cybersecurity discipline
Understanding of cybersecurity and compliance, including PCI, SOC, and HIPAA requirements for information systems and industry best practices, such as NIST 800-53 and 800-171.
Ability to understand network traffic, system logs, and metadata for patterns/characteristics or general anomalies, to trend/baseline activity, and to correlate for alerts, activities, and detections.
Understanding of security controls for network, applications, and operating systems.
Able to communicate conceptual and technical information both verbally (on phone, one-on-one, to groups) and in writing (emails, letters, reports, presentations) to various audiences (work group, team, company management, external clients).
Knowledge of identifying intruder techniques (new vulnerability, attack vectors, exploits, etc.).
Knowledge and experience with InfoSec systems (SIEM, SOAR, IDS/IPS, Honeypots, Open-Source Intel, Sandbox Analysis Tools, etc.).
Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills.
WHY OSHKOSH?
Moving the future forward is our priority and this includes your future. We encourage professional development and champion our employees’ success through various skills and training opportunities. Named one of the World’s Most Ethical Companies™ by Ethisphere Institute for six consecutive years, everything we do at Oshkosh is guided by our core values and the 15k+ team members around the world who embody them.
We put people first. We do the right thing. We persevere. We are better together.
Oshkosh is committed to working with and offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability for any part of the recruitment process, please contact our reception desk by phone at +1 (920) 502.3009 or our talent acquisition team by email [email protected].
Oshkosh Corporation is an Equal Opportunity and Affirmative Action Employer. This company will provide equal opportunity to all individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Information collected regarding categories as provided by law will in no way affect the decision regarding an employment application.
Oshkosh Corporation will not discharge or in any manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with Oshkosh Corporation's legal duty to furnish information.
Certain positions with Oshkosh Corporation require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.