Senior IT Security Specialist

Req Id:  17970
Job Family:  Cybersecurity, Risk, Process and Control
Location: 

Rio de Janeiro, BR, 20021-290

Additional Location: 
Description: 

Imagine your career taking you to the depths of innovation and the heights of impact.  Our people enable continuous progress. Their commitment, collective expertise, and unique capabilities are the engine room behind SBM Offshore’s True. Blue. Transition. - shaping the future of energy, and beyond.

About Us:
SBM Offshore is the world’s deepwater ocean-infrastructure expert. Our work is already resulting in cleaner, more efficient energy production. True. Blue. Transition. is our promise to enable that into the future while at the same time using our expertise to support new and existing markets in the blue economy. It starts with Advancing our Core: continuing to advance the decarbonization of traditional energy production. While Pioneering More: helping to enable the energy transition and using our unique capabilities in ocean infrastructure to support more industries to grow sustainably.  Sharing our experience for a better blue tomorrow.

JOB ROLE
 

  • The IT Security Specialist is responsible for ensuring the effectiveness and security of SBM’s IT Security solutions in protecting SBM Offshore’s IT data and services.
  • You advise within your area of expertise to ensure that SBM remains at the forefront of technological developments to identify innovative methods to reduce the risk profile of SBM Offshore.
  • In the case of a Cybersecurity Incident, work with the security team to mitigate the risk introduced, recover, and investigate the Incident.

 

RESPONSIBILITIES
 

To support, govern and contribute to a fully integrated and aligned IT Strategy across the SBM organization, you are to:

•    Always explore for areas of improvements within SBM Offshore’s IT Security landscape and propose solutions together with IT Enterprise Architect team
•    Liaise, work together with- and advise your colleagues within different locations and disciplines;
•    Execute the processes and best practices necessary to work according to the direction and Strategy of Group IT (and make suggestions for improvement if required);
•    Maintain all security related documentation and working instruction in the central repository;
•    Ensure quality and accurate information of security assets in the CMDB
•    Participate and support the Network, Software and System team in solving cross-discipline complex problems that involves security;
•    Participate in Cyber Security activities and ICOSIT audits.
•    Work on four main areas (Implementation, Support, Monitor, Report)
•    Manage security incidents according to Incident Management Process
•    In the case of a security incident be able to begin a forensic investigation.

To ensure knowledge sharing and creating awareness amongst the IT community on your respective specialism, you are to:

•    Keep the IT community informed on any new initiatives and decisions taken that might have an impact on day-to-day business;
•    Participate in cybersecurity project implementation when required;
•    Ensure a cross functional alignment to minimize down-time within the overall IT landscape

To ensure that you understand and manage your stakeholders and their requirements as well as having assigned activities completed successfully, you are to:

•    Understand, plan and deliver assigned tasks with accuracy to meet stakeholders’ needs in a timely manner;
•    Identify areas requiring more detailed instructions and clarify as necessary with stakeholders to ensure no surprises;
•    Complete tasks in compliance with applicable policies, standards and work procedures;
•    Identify areas for potential cybersecurity risk issues and proactively communicate with stakeholders to resolve issues, share information and provide guidance as required;
•    Seek clarification or guidance as soon as difficulties arise and recommend alternative solutions;
•    Perform thorough self-check of all solutions prior to release for use by stakeholders;
•    Properly plan work to allow adequate time for stakeholder feedback and adjustments to ensure intended functionality;
•    Network with stakeholders to serve as a source of support in executing project
•    Produce consistent/organized instructions in a well-structured format to convey required information to stakeholders


JOB REQUIREMENTS 

 

•    Solid experience in Cyber Security and Data Protection roles
•    Familiar with hybrid security solutions, on-premise and cloud environment
•    Must possess some relevant security related certifications – Cloud Security, Pentest, Vulnerability assessor, CompTIA Security +
•    Must possess hands-on technical experience in minimum of 3 areas – AZURE Security, Pentest, Ethical Hacking, forensics, CIS Hardening, 
•    Possess the following technical hands-on experience will be added advantage – CES, Carbon Black, Bitdefender 
•    Able to travel overseas when required
•    Deep understanding of ISA/IEC 62443 and NIST SP 800-82
•    Knowledge of NIS2 directive
•    Experience in design and management of Information Security solutions
•    Advanced English level
•   Willing to work in a hybrid setting (remote and on-site)   

 

GENERAL INFORMATION

 

SBM Offshore N.V. is a listed holding company that is headquartered in Amsterdam. It holds direct and indirect interests in other companies that collectively with SBM Offshore N.V. form the SBM Offshore Group (“the Company”). For further information, please visit our website at www.sbmoffshore.com. The companies in which SBM Offshore N.V., directly and indirectly, owns investments are separate entities.

SBM Offshore is proud to be an Equal Employment Opportunity and Affirmative Action employer. SBM Offshore does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law.  All employment is decided on the basis of qualifications, merit, and business need.