Accessibility Links

Senior Cybersecurity Engineer

  • Job reference: 935655
  • Location: Houston, Texas
  • Salary: Negotiable
  • Job type: Permanent
  • Sector: Oil & Gas
  • Date posted: 10/06/2021

Sr. Cybersecurity Engineer (Vision, Strategy, Engineering and Architecture)

POSITION PURPOSE:
Sr. Cybersecurity Engineer with focus on Vision and Strategy that serves as a subject matter expert (SME) for information-centric security. Protect company information security throughout the information lifecycle.

Responsible to design, build, testing, and implementing security systems within company enterprise ecosystems. The role is expected to have a thorough understanding of complex IT and digital systems, be up to date with cloud and on-premises security and the latest security standards, industry standards, and best practices including industry standard-setting security solutions and products. Provide the business with security requirements according to business goals and strategies to include those achieving security audits, assessments and certifications such as SOC, ISO, GDPR.

Practical knowledge and understanding of key security architectures, platforms, technologies and principles such as: Zero trust security, IaaS, SaaS, PaaS, IaaS (AWS, Azure and more…,) Network Security (NGFW, WAF, REVERS & FORWARD facing proxies, Load-balancing, VPN, FW as a service, 802.1x and 802.11), Secure Web Access, Information Protection, Identity and Access Management, Endpoint Security solutions, Secure Asset Management and BYOD concepts.


POSITION DUTIES:

  • Participate as a member of an international team of experts in the domain of information security and protection.
  • Design, Build, Test and Operationalize tools and controls which may include, Network Security, Endpoint Security, Data loss prevention, Data Classification, Business Resilience and Recovery, Access control and monitoring, encryption, masking, and tokenization, Cloud access and cloud security brokers.
  • Closely partner with business stakeholders to advocate, discover, plan, communicate, prepare, and deliver appropriate protection for company information.
  • Assess and analyze system security landscape, postures, technologies, and vulnerabilities to determine the best courses of action or mitigating controls.
  • Direct security implementations and tuning for protective, detective, and reactive responses.
  • Lead forward-thinking security concepts for platforms and enterprise architectures that enhance secure ecosystem integrations and avoid compatibility complications
  • Leverage company's vendor partnerships, outsourcing entities, and service providers to improve security by identifying, adapting, and enhancing available Cybersecurity capabilities effectively.
  • Contribute to the strategy and roadmap protecting information and digital assets.
  • Reduce risks to business risk acceptance levels through designing, building, testing, and deploying secure, resilient ecosystems and architectures that leverage best platform designs, including cloud and hybrid.
  • Determine information requirements by evaluating business strategies and requirements.
  • Reinforce business objectives by matching appropriate security controls to information.
  • Identify risks. Offer business appropriate solutions that mitigate or reduce risk.
  • Enhance ability to protect, defend, and respond to threats through network, asset, Identity, and data-centric situational awareness.
  • Review and analyze existing capability for effectiveness, efficiency, and cost optimization. Seek and identify opportunities to better leverage what works and improve what does not.
  • Regularly publish metrics and KPI to track and communicate performance.

POSITION REQUIREMENTS:

Basic / Required Qualifications:

  • 7+ years of information security experience including Secure Cloud Architecture
  • 7+ years supporting large, complex, business-critical enterprise services including Cybersecurity Operations or Architecture
  • 5+ years developing strong influence skills, building trust within the team with the business and IT vendors
  • 5+ years implementing agile, resilient, or innovative centric technologies
  • 3+ years in a supervisory role
  • 3+ years managing operational and capital project budgets
  • Advanced oral and written communication skills.

Work Experience:

  • Experience with delivering and assisting with SOC, ISO assessments and reports.
  • Extensive understanding of the following security domains: Cloud Security, Edge Computing, Audit and Monitoring, Risk Response & Recovery, Cryptography, Data Communications, Malicious Code, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, Security Management Practices, Investigation & Ethics.
  • Solid understanding of security authentication, authorization, auditing, cryptography and security protocols to effect improvements in the security posture across all aspects, including: endpoint security, detection, response, secure asset management and BYOD concepts, DLP, API security. Good knowledge and understanding of Identity and access management concepts (MFA, Federation, SSO, PKI, and so on), Information: discovery, classification, protection, assurance, and destruction.
  • Extensive knowledge of industry standards like NIST, ISO, OWASP, CSA including performance, risk management, and reliability
  • Preferred Qualifications:
  • Bachelor's Degree in Computer Science or related discipline.
  • Certifications: CISSP, CISM, Security+, CEH, AWS, MS cloud
  • Experience working within an international, complex, large organization
  • Able to work effectively in a matrix-management environment.
  • Advanced interpersonal, analytical, organizational, and problem-solving skills.
  • Understanding of project management knowledge areas.
  • Ability to establish and maintain effective working relationships

Work Environment:

  • Office work environment
  • Sponsoring and mentoring environment
  • Diversity in workgroups
  • Frequent sitting and operating a computer and meeting with customers
  • Travel to other company sites may be required (10%)

Our role in supporting diversity and inclusion
As an international workforce business, we are committed to sourcing personnel that reflects the diversity and values of our client base but also that of Orion Group. We welcome the wide range of experiences and viewpoints that potential workers bring to our business and our clients, including those based on nationality, gender, culture, educational and professional backgrounds, race, ethnicity, sexual orientation, gender identity and expression, disability, and age differences, job classification and religion. In our inclusive workplace, regardless of your employment status as staff or contract, everyone is assured the right of equitable, fair and respectful treatment.

Similar jobs
Control Systems Engineer
  • Salary Negotiable
  • Job type Contract
  • Location Monaca, Pennsylvania
  • Description Control systems engineer needed for year long contract in a chemical facility. Competitive hourly rate, full benefits and monthly living allowance provided. Unable to offer sponsorship.
Software Application Engineer II
  • Salary Negotiable
  • Job type Permanent
  • Location Erie, Pennsylvania
  • Description Major EPC firm is seeking a Software Application Engineer for work on subsea and surface oil exploration and production systems.