Cyber Security CIS Controls Analyst

Technip Energies is a leading Engineering & Technology company for the energy transition, with leadership positions in Liquefied Natural Gas (LNG), hydrogen and ethylene as well as growing market positions in blue and green hydrogen, sustainable chemistry and CO2 management. The company benefits from its robust project delivery model supported by extensive technology, products and services offering. 

Operating in 34 countries, our 15,000+ people are fully committed to bringing our client’s innovative projects to life, breaking boundaries to accelerate the energy transition for a better tomorrow.

At Technip Energies, we aim to offer an inspiring work experience: tackling some of the most complex technical and engineering challenges in the world in collaboration with a truly global team. We are convinced that the ingredients for success are engaged humans, a strong positive culture, an authentic drive to transform, committed leadership, and inspired talent. The successful implementation of innovations is the sum of creativity, teamwork and the quality of the execution.

About The Role:

CIS Controls Implementation

• Conduct audits to ensure compliance with CIS Controls.
• Create and monitor Key Performance Indicators (KPIs) related to security measures.

Vulnerability Assessments: 

• Conduct regular vulnerability assessments and penetration testing on network infrastructure, applications, and systems.
• Utilize automated tools and manual techniques to identify security vulnerabilities.
• Analyze and interpret vulnerability scan results to determine the severity and potential impact of identified vulnerabilities.
• Risk Analysis and Reporting: 
• Assess the risk associated with identified vulnerabilities and prioritize remediation efforts based on potential impact.
• Prepare detailed reports summarizing findings, risk levels, and recommended remediation actions.
• Communicate assessment results and recommendations to technical and non-echnical stakeholders.

Continuous Improvement: 

• Stay up-to-date with the latest cybersecurity trends, vulnerabilities, and threat intelligence.
• Recommend and implement improvements to vulnerability assessment processes and tools.
• Contribute to the development and maintenance of security policies, standards, and procedures.

Remediation and Mitigation: 

• Collaborate with IT and development teams to develop and implement remediation plans for identified vulnerabilities.
• Track and verify the effectiveness of remediation efforts to ensure vulnerabilities are properly addressed.
• Provide guidance and support to teams in implementing security best practices and configurations.

About You:

Education: Cybersecurity, Computer Science, Information Technology, Engineering or equivalent degree.

Certifications: Relevant certifications such as CISSP, CEH, OSCP, or GIAC are highly desirable.

Experiences in: 

• At least 5 years of experience in compliance, cybersecurity or another IT-related field covering a similar role.
• Experience in Energy and Technology business is a plus.
• Proven experience in conducting vulnerability assessments.
• Experience in implementing and/or auditing CIS Controls

Technical Skills:

• Knowledge of the CIS Controls framework and the three Implementation Groups (IG1, IG2, IG3).
• Strong knowledge of common vulnerabilities and attack vectors (e.g., OWASP Top Ten, CVE).
• Proficiency with vulnerability assessment tools (e.g., Rapid7, Nessus, Qualys, OpenVAS) and penetration testing frameworks (e.g., Metasploit, Burp Suite).
• Proficiency in using Microsoft tools such as Excel, Word, PowerPoint, Teams, Power BI, Project, and SharePoint.
• Knowledge of main cybersecurity international standards in the IT and OT space (e.g. ISO/IEC 27001, ISO/IEC 27002, IEC 62443, IEC 61850, ISO/IEC 27019).

Personal Skills:

• Ability to work in fast-paced, dynamic environment and adapt to change.
• Practiced in self-organization and follow-up skills.
• Excellent verbal and written communication skills; fluent in English.
• Effective interpersonal skills.
• Ability to work independently and as part of a team.
• Detail-oriented.
• Creative problem solver.
• Proactive and self-motivated.
• Strong ethical standards and integrity.

Ability to travel internationally as needed.

Languages: High level of Enlish

Internal applications are treated with priority by our Recruiting Team against external applications.  We also consider providing timely and direct feedback to internal applicants a must have. And once receiving your application, Recruiting Team will screen and match your skills, experience, and potential team fit against the role requirements.

We ask for your patience as the team completes the volume of applications with reasonable timeframe.  You can check your application progress directly in PeopleConnect Recruiting.