CareerZen Logo
Company logo

IT Security Analyst - Flow Automotive

Flow Companies Group

Winston-Salem, NC

Job description

Security Analyst (Onsite) - Threat Management

About the Role -

Flow Automotive is seeking a skilled Security Analyst (Onsite) to strengthen our cybersecurity defenses and proactively manage threats across our infrastructure. You will be at the forefront of monitoring, detecting, and responding to security incidents while continuously improving our security posture through strategic tool management, vulnerability assessments, and infrastructure hardening. This role combines threat management with hands-on security engineering to protect our data, networks, and systems.

Flow Automotive Companies is committed to being on the cutting edge of the transportation industry and needs like-minded individuals to join our team. Our growth has been driven by a strategy to attract and develop high achieving people of outstanding character who are committed to operational excellence and to providing extraordinary personal service. Flow operates 54 automotive franchises representing 26 manufacturers in 10 cities and employs over 2,200 people in North Carolina and Virginia.

Key Responsibilities

Threat Detection & Response

  • Monitor and analyze security events using SIEM platforms and advanced threat detection tools to identify potential security incidents
  • Investigate security alerts, determine severity, and coordinate incident response efforts
  • Perform threat hunting activities to proactively identify indicators of compromise and emerging threats
  • Develop and refine detection rules and playbooks to improve response times and accuracy

Vulnerability Management & Penetration Testing

  • Work with vendors to conduct regular vulnerability assessments and coordinate remediation efforts across infrastructure
  • Coordinate with external partners to perform penetration testing against internal and external systems to identify security weaknesses
  • Execute social engineering assessments and physical security testing as needed
  • Prioritize vulnerabilities based on risk, exploitability, and business impact
  • Work with engineering and operations teams to develop remediation strategies and validate fixes
  • Maintain vulnerability tracking and reporting dashboards for stakeholders

Security Posture Management

  • Continuously assess and enhance the organization's overall cybersecurity posture through gap analysis and risk assessments
  • Manage and optimize security tools including EDR/XDR platforms (CrowdStrike or similar), network detection solutions (Darktrace or similar), and cloud security services (Cloudflare or similar)
  • Collaborate with IT teams to implement security controls, patches, and configuration improvements
  • Track security metrics and KPIs to measure and communicate security effectiveness

Network & Infrastructure Hardening

  • Design and implement network segmentation strategies and perimeter security controls
  • Configure and maintain border security solutions including firewalls, IPS/IDS, and secure gateways
  • Implement LAN hardening techniques including VLAN isolation, 802.1X authentication, and network access control
  • Deploy and manage endpoint hardening standards and baseline configurations
  • Conduct security architecture reviews for new systems and network changes

Data Protection & Encryption

  • Implement and manage data encryption solutions for data at rest and in transit
  • Design and deploy secure data transfer mechanisms including SFTP, secure APIs, and encrypted file sharing
  • Maintain encryption key management practices and certificate lifecycle management
  • Ensure compliance with data protection requirements across all systems handling sensitive information
  • Monitor and audit data access patterns and implement data loss prevention (DLP) controls

Identity & Access Management

  • Administer and monitor single sign-on (SSO) platforms such as Okta, including user provisioning, MFA enforcement, and access reviews
  • Investigate suspicious authentication activities and implement adaptive security policies
  • Conduct regular access audits to ensure least privilege principles are maintained

Business Continuity & Disaster Recovery

  • Contribute to the development and maintenance of business continuity and disaster recovery plans
  • Participate in BC/DR testing exercises and tabletop simulations
  • Document security-specific recovery procedures and runbooks
  • Assess recovery time objectives (RTO) and recovery point objectives (RPO) for critical security systems
  • Ensure security controls remain effective during failover and recovery scenarios

Threat Intelligence & Analysis

  • Stay current with emerging threats, attack techniques, and vulnerability disclosures
  • Analyze threat intelligence feeds and correlate findings with organizational risk
  • Document security incidents and contribute to lessons learned and improvement initiatives
  • Participate in security awareness training and help educate teams on security best practices

Required Qualifications

  • 3-5 years of experience in cybersecurity, with focus on security operations, threat management, or infrastructure security
  • Hands-on experience with EDR/XDR solutions (CrowdStrike Falcon, SentinelOne, Microsoft Defender, or similar)
  • Proficiency with network security monitoring tools (Darktrace, Vectra, ExtraHop, or similar)
  • Experience managing cloud security platforms (Cloudflare, Akamai, Zscaler, or similar)
  • Strong understanding of identity and access management principles and SSO platforms (Okta, Azure AD, Duo, or similar)
  • Demonstrated experience with vulnerability scanning tools (Nessus, Qualys, Rapid7, or similar)
  • Practical knowledge of penetration testing methodologies
  • Experience implementing network security controls, firewall rules, and network segmentation
  • Strong understanding of encryption protocols (TLS/SSL, AES, PKI) and secure data transfer methods
  • Knowledge of network hardening techniques including access control lists, port security, and secure protocols
  • Familiarity with business continuity and disaster recovery planning processes
  • Knowledge of security frameworks and standards (NIST, MITRE ATT&CK, CIS Controls)
  • Understanding of common attack vectors, malware analysis, and incident response procedures

Preferred Qualifications

  • Security certifications such as Security+, CEH, CISM, or similar
  • Experience with SIEM platforms (Splunk, Elastic, Chronicle, or similar)
  • Scripting or automation skills (Python, PowerShell, Bash, or similar)
  • Cloud platform security experience (AWS, Azure, GCP)
  • Experience with data loss prevention (DLP) and encryption key management solutions
  • Knowledge of secure network protocols (SSH, HTTPS, SFTP, IPSec, VPN technologies)
  • Experience with network access control (NAC) solutions and 802.1X implementations
  • Familiarity with compliance requirements (SOC 2, ISO 27001, PCI-DSS, HIPAA, GDPR, etc.)
  • Experience with container and Kubernetes security
  • Understanding of zero trust architecture principles

Technical Skills

  • Network protocols and architecture (TCP/IP, DNS, routing, switching)
  • Firewall platforms (Palo Alto, Fortinet, Cisco ASA, pfSense, or similar)
  • Encryption technologies and PKI infrastructure
  • Vulnerability assessment and penetration testing tools
  • Security information and event management (SIEM)
  • Endpoint detection and response (EDR/XDR)
  • Network intrusion detection/prevention systems (IDS/IPS)
  • Secure file transfer protocols and solutions
  • Backup and disaster recovery technologies

Flow provides competitive earning opportunities and a comprehensive benefits plan including:

  • Medical, Dental, Vision, and Life Insurance (including dependent coverage)
  • Paid Vacation, Holidays and Time Off
  • Paid volunteer time
  • 401(k) Retirement Plan and Financial Wellness Program
  • Thrive@Flow Wellness Program
  • Employee pricing for automotive service and vehicle purchases
  • Scholarship program for children of employees

Applicants must pass a pre-employment drug screening.

Flow Automotive Companies is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Apply