Senior IT Security Specialist
Rio de Janeiro, BR, 20021-290
JOB ROLE
- The IT Security Specialist is responsible for ensuring the effectiveness and security of SBM’s IT Security solutions in protecting SBM Offshore’s IT data and services.
- You advise within your area of expertise to ensure that SBM remains at the forefront of technological developments to identify innovative methods to reduce the risk profile of SBM Offshore.
- In the case of a Cybersecurity Incident, work with the security team to mitigate the risk introduced, recover, and investigate the Incident.
RESPONSIBILITIES
To support, govern and contribute to a fully integrated and aligned IT Strategy across the SBM organization, you are to:
• Always explore for areas of improvements within SBM Offshore’s IT Security landscape and propose solutions together with IT Enterprise Architect team
• Liaise, work together with- and advise your colleagues within different locations and disciplines;
• Execute the processes and best practices necessary to work according to the direction and Strategy of Group IT (and make suggestions for improvement if required);
• Maintain all security related documentation and working instruction in the central repository;
• Ensure quality and accurate information of security assets in the CMDB
• Participate and support the Network, Software and System team in solving cross-discipline complex problems that involves security;
• Participate in Cyber Security activities and ICOSIT audits.
• Work on four main areas (Implementation, Support, Monitor, Report)
• Manage security incidents according to Incident Management Process
• In the case of a security incident be able to begin a forensic investigation.
To ensure knowledge sharing and creating awareness amongst the IT community on your respective specialism, you are to:
• Keep the IT community informed on any new initiatives and decisions taken that might have an impact on day-to-day business;
• Participate in cybersecurity project implementation when required;
• Ensure a cross functional alignment to minimize down-time within the overall IT landscape
To ensure that you understand and manage your stakeholders and their requirements as well as having assigned activities completed successfully, you are to:
• Understand, plan and deliver assigned tasks with accuracy to meet stakeholders’ needs in a timely manner;
• Identify areas requiring more detailed instructions and clarify as necessary with stakeholders to ensure no surprises;
• Complete tasks in compliance with applicable policies, standards and work procedures;
• Identify areas for potential cybersecurity risk issues and proactively communicate with stakeholders to resolve issues, share information and provide guidance as required;
• Seek clarification or guidance as soon as difficulties arise and recommend alternative solutions;
• Perform thorough self-check of all solutions prior to release for use by stakeholders;
• Properly plan work to allow adequate time for stakeholder feedback and adjustments to ensure intended functionality;
• Network with stakeholders to serve as a source of support in executing project
• Produce consistent/organized instructions in a well-structured format to convey required information to stakeholders
JOB REQUIREMENTS
• Solid experience in Cyber Security and Data Protection roles
• Familiar with hybrid security solutions, on-premise and cloud environment
• Must possess some relevant security related certifications – Cloud Security, Pentest, Vulnerability assessor, CompTIA Security +
• Must possess hands-on technical experience in minimum of 3 areas – AZURE Security, Pentest, Ethical Hacking, forensics, CIS Hardening,
• Possess the following technical hands-on experience will be added advantage – CES, Carbon Black, Bitdefender
• Able to travel overseas when required
• Deep understanding of ISA/IEC 62443 and NIST SP 800-82
• Knowledge of NIS2 directive
• Experience in design and management of Information Security solutions
• Advanced English level
• Willing to work in a hybrid setting (remote and on-site)