It's fun to work in a company where people truly BELIEVE in what they are doing!

Headquartered in Arvada, Colorado, Sundyne is a leading manufacturer of highly reliable and efficient centrifugal pumps and compressors for use in the oil and gas, petrochemical, chemical, power generation and water processing industries. The Sundyne product portfolio features innovative high-speed integrally geared, multistage and sealless technologies that meet API and ISO standards. With a global channel consisting of more than 300 sales and service locations, and a manufacturing network that employs over 1,000 people across 5 facilities, Sundyne provides high quality engineered fluid handling solutions to customers around the world. For additional information, visit .

Position Description

Sundyne is seeking an Cybersecurity Analyst to be the primary driver and owner of Sundyne's entire Cybersecurity program. Responsibilities will be to assess Sundyne cybersecurity tools/controls, plan improvements, collaborate with internal and external staff on implementing improvements, and report status or progress to management. Note this is a full-time and mandatory on-site role at our Arvada, CO facility.

Job Duties & Responsibilities

• Perform ad-hoc and on-going assessments of Sundyne controls and compare to CIS/NIST Framework.
• Identify gap areas or areas requiring additional improvements
• Discuss, plan, schedule, and implement changes in the Sundyne environment working with both internal staff and outsourced service providers to adhere to CIS/NIST framework
• Report to management on status, plan, schedule and future state

• Work with outsourced service provider to schedule and conduct vulnerability scans and penetration tests using existing tool(s).
• Review and assess findings with respective stakeholders
• Discuss, plan, schedule, and implement changes in the Sundyne environment working with both internal staff and outsourced service providers to reduce or mitigate identified vulnerabilities.
• Report to management on status, plan, schedule and future state

Assist in conducting other cybersecurity assessments as required.

• Review and/or complete various cybersecurity questionnaires on Sundynes behalf when requested by 3rd parties.
• Discuss, plan, schedule, and implement changes in the Sundyne environment working with both internal staff and outsourced service providers to reduce or mitigate identified vulnerabilities.
• Report to management on status, plan, schedule and future state
• Use cybersecurity questionnaires as input into Sundyne cybersecurity program, to identify potential areas of improvement.
• Create Sundyne's Cybesecurity questionnaire for completion by 3rd parties which have access to Sundyne IT or provide IT service to Sundyne.
• Assist in the certification/re-certification of Cyber Essentials Plus certification (CE+)
• Develop and execute a plan towards gaining ISO27001 certification for all Sundyne sites globally.
• Develop and execute a plan towards gaining ISO 9001:2015 certification for all Sundyne sites globally.

• Research, plan, implement, project manage security projects or initiatives in the pursuit of increased Security.
• Leverage all inputs to put together a holistic cybersecurity program for the organization

Review and/or develop:

• Incident response plans
• Tabletop exercises
• BCP/DR Plans
• Customer Notification Plans
• Assist other IT Security team members as needed
• Phishing Simulations
• Email & web filtering
• Span and Phishing email investigations
• IPS/IDS alert investigations
• SIEM alert investigations
• Review and oversee zero-day vulnerabilities
• Review or create policies, standards and procedures related to Cybersecurity topics.

Skills & Abilities

• Ability to maintain multiple projects and initiatives at the same time
• Experience communicating and collaborating with multiple audiences at different levels - Individual Contributors to C-Level Executives
• Effective written and oral communication skills
• Ability to keep calm under pressure
• Strong planning, coordination, documentation and scheduling skills
• Customer Focused with a can-do attitude
• Experience working with or overseeing international outsourced service providers
• Some knowledge/experience with Batch, Powershell, or other scripting languages.

Qualifications

• Cybersecurity Certifications, one or more of the below required.
  • CISSP - Certified Information Systems Security Professional
  • CISA - Certified Information Systems Auditor
  • CompTIA Security+
  • CASP - CompTIA Advanced Security Practitioner
  • CEH - Certified Ethical Hacker
  • CISM - Certified Information Security Manager
  • SSCP - Systems Security Certified Practitioner
  • GCIH - Global Information Assurance Certification Certified Incident Handler
  • GSEC - Global Information Assurance Certification Security Essentials Certification
  • OSCP - Offensive Security Certified Professional
• Completed Bachelor Degree in Computer Science, IT Security, Cybersecurity or equivalent required
• 10+ years' experience in IT with a focus on Identity Management and Security required.
• Security Apps/Products, expert level in one or more of the below tools or products preferred.
  • Active Directory/Azure Active Directory
  • Qualys
  • Crowdstrike
  • Colortokens
  • BluSapphire
  • O365 Cloud App Security
  • Azure Security
  • Cisco ASA
  • Cisco ISE
  • Meraki
  • Cisco Umbrella
  • Certificate based Authentication & Encryption
• Ability to showcase experience in improving cybersecurity standards across the board using CIS/NIST Framework

If you like growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

Compensation Details

Additional Compensation

Application Deadline: