IT Lead, Cyber Security
Oil & Gas - Security
Posted 25th Jun 2018
Responsibilities will include:
• Manage Cyber security operations
• Maintain IT security framework, policy and standard (including internal and external policy compliance)
• Monitor regulation compliance (in relation to Cyber; i.e. GDPR)
• Operate ISMS and provide assurance that it is effective (currently based on ISO 27001)
• Work with different departments in the organization to operationalise ISMS
• Operate Cyber security risk assessment programme
• Participate in DR and IT Service continuity planning
• Maintain Cyber Security Architecture
• Provide security guidance on the design of applications and network architectures
• Manage Cyber security incident response program
• Monitor security threats and execute responses through SIEM tools
• Assess and improve the organization’s security capabilities/measures, such as firewalls, anti-virus software and passwords, to identify any weak points that might make information systems vulnerable to attack
• Analysis and Implementation of Security Solutions (tools and technology) to meet security requirements
Our client is a provider of oilfield services to the international oil and gas industry.
We design, build, operate and maintain oil and gas facilities, which we deliver through a range of flexible and innovative commercial models that can be aligned to an individual client, project or asset. This enables us to respond to the distinct needs of each client and help them to transform the value of their assets across the oil and gas life cycle.
• A bachelor’s degree in information technology or computer science is required. Sound (10 years) work experience, with 3 or more in an cyber security or information security management position, is also required.
• Comprehensive understanding of Information Security Frameworks (e.g. ISO 27001, SOX, PCI DSS and Cyber Essentials) and UK and EU data protection laws, including GDPR.
• Knowledge of security investigation techniques, the rules of evidence and practical experience of computer forensics would be useful.
• A good working knowledge, at a minimum as below:
• Networking and switching technologies, optimisation tools and next generation firewalls
• Cloud security practices
• Cryptographic controls and website security
• Current experience of Windows Server, virtualisation and desktop technologies
• Experience of wireless and mobile security standards
• Internet protocols
• Microsoft Security (E3 and E5) security solutions
• Experience with strategic security planning with proven ability to work collaboratively with other departments to resolve complex issues with innovative solutions
• Experience and understanding of the information risk implications of third party relationships
• Working knowledge of SIEM systems and data loss prevention tools
• Working knowledge of Infrastructure security and hardening, Ethical Hacking or Penetration Testing
• Working knowledge of Identity and Access Management
• Deployment and management of vulnerability and patch management software
Is this the job for you? Don't waste any time:
Get in touch with...
Get Job Alerts
Don’t miss out on your perfect job. Click here to sign-up for email alerts