CLIENT
Our client is one of the biggest Global Energy Company.
JOB DESCRIPTION
- Advise leadership on cybersecurity initiatives that supports the latest trends in IT & OT security, risk, and controls.
Maintain cybersecurity documentation including Business Continuity and Disaster Recovery Plans - Facilitate risk assessment exercises, perform compliance and risk monitoring/validation, and other compliance assurance exercises as required.
- Lead awareness and training for the information technology risk program elements to ensure responsibilities are understood and executed.
- Coordinate external and internal assurance or advisory audits, representing information technology throughout the lifecycle of the audit (from planning through remediation strategy).
- Monitor, track, and report mitigation and resolution of IT risks.
- Facilitate compliance of all equipment utilized in the Process Control Network (PCN)/Operational Technology (OT) and Demilitarized Zone (DMZ), including timely remediation of critical vulnerabilities.
- Support and integrate IT standards into the PCN environment.
- Serve as site representative for internal and external cyber initiatives.
- Serve as Process Advisor for the Operations Technology Incident Response Process (OTIRP)
JOB QUALIFICATION
- Bachelor’s degree in Computer Science, Cyber Security, Information Technology, or a similar technical degree.
- Minimum of 5 years of related work experience in Information Technology field.
- Knowledge of and experience with Industry Policies, Standards and Controls (e.g., NIST 800-53, ISO 27001, COBIT, ITIL, SOX, PCI-DSS, SANS, etc.).
- Understanding of key technology/data concepts such as access control, confidential data, encryption, data privacy, information management, intellectual property, business continuity, disaster recovery, security scans, and 3rd party/vendor applications.
- Functional knowledge in systems architecture for both IT and OT systems. Experience with OT, ICS, PCN systems, including PCN infrastructure a plus.
- Certifications: Desired but not required – Certified Information Systems Security Professional (CISSP), Certified
- Information Security Manager, (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and
- Information Systems Control (CRISC).
ACTIVE DATES
Urgent hiring!