IT Operations - Cyber Security Engineer

ODFJELL JOB DESCRIPTION COMPANY: OTH

JOB LOCATION: SCB (ADMIN OFFICES)

JOB TITLE: CYBER SECURITY ENGINEER

DEPARTMENT: ICT

REPORTS TO: IT OPERATIONS – SUSTAINABILITY MANAGER

EXEMPT/NON-EXEMPT: EXEMPT MANAGERIAL (Y/N): # Direct reports:__________________# Total:_____________ BUDGET AUTHORITY: Total Budget Amt:_______ Authorization Amt:______________

OVERALL RESPONSIBILITIES

Experienced cyber security engineer who can collaborate with different teams to deliver excellent results. Responsible for tactical implementation of cyber program and continuous improvements. Identify threats and vulnerabilities, then apply skills to develop and implement controls to mitigate them.

ESSENTIAL FUNCTIONS

 Monitor and improve cyber solutions and processes based on credible security threats and weaknesses.  Use threat modelling to analyze existing and upcoming IT (Information Technology) threats to the business.  Act as focal point for cyber incidents, develop and practice incident response playbooks, develop IT disaster recovery practices, align with company-wide continuity plans and use lessons learned to make improvements.  Assist IT teams with security “by design” practices; Ensure systems follow best practices for security protection and prevention.  Develop and administer security policy, procedures, and documentation.  Contribute to internal and external audits when requested; use audit findings to improve security posture.  Create project documentation, including design, build and operations guide to promote security practices in projects across the company.  Collaborate with internal and external parties to understand industry, regulatory and compliance landscape; align security posture accordingly.  Collect information from trusted partners, cyber sources, federal agencies, and others to advise on potential new system defenses and threats.  Contribute to the cyber security governance program and long-term risk management strategy.  Oversee internal cyber team, vendors, and 3rd party contractors to coordinate work and plan activities.  Working in a fast paced, operational business unit with a focus on safety – change management, proactive versus reactive support, strategic thinking.  Implementing and maintaining information security frameworks such as NIST, ISA/IEC and ISO is beneficial.  Understanding MITRE and Diamond models for proactive threat analysis.  Collaborating in larger projects to ensure Cyber perspective is understood and integrated in a security by design approach.  Troubleshooting and resolving complex multi-system issues.  Managing cyber risk for operational technologies (“OT”), hybrid on-prem and cloud (Azure IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) environments.

 The following qualifications are useful Certified Information Systems Security Professional (CISSP) o GIAC Security Essentials Certification (GSEC) CompTIA Security+ o Systems Security Certified Practitioner (SSCP) o Certified Cloud Security Professional (CCSP) o Microsoft Certified: Cybersecurity Architect Expert

OTHER FUNCTIONS

 In case of absence, the employee’s supervisor will assume and/or assign responsibility for this position’s duties.  Perform other job-related duties as assigned.

MINIMUM QUALIFICATIONS

 Bachelor of Computer Science or Information Security are preferred.  Candidates with 5+ years of experience in this or similar roles are preferred; previous experience in other IT / OT roles are beneficial such as system engineer or administrator, network administrator, cloud engineer, etc.

PHYSICAL/MENTAL REQUIREMENTS

 Humble, hungry, smart attitude  Share knowledge to improve others’ security, understanding and adherence.  Documentation by default  Collaboration and communication  Understand and promote “best practice” and “industry standards” approach to IT.  Focus on results, incremental improvements. WORKING CONDITIONS  Office location – Space Center Blvd.

TOOLS AND EQUIPMENT UTILIZED

 Microsoft Office especially Excel and PowerPoint  Microsoft PowerBI skills would be beneficial  Powershell skills are useful.