Senior IT Security Specialist

JOB ROLE
 

• The IT Security Specialist is responsible for ensuring the effectiveness and security of SBM’s IT Security solutions in protecting SBM Offshore’s IT data and services.
• You advise within your area of expertise to ensure that SBM remains at the forefront of technological developments to identify innovative methods to reduce the risk profile of SBM Offshore.
• In the case of a Cybersecurity Incident, work with the security team to mitigate the risk introduced, recover, and investigate the Incident.

RESPONSIBILITIES
 

To support, govern and contribute to a fully integrated and aligned IT Strategy across the SBM organization, you are to:

•    Always explore for areas of improvements within SBM Offshore’s IT Security landscape and propose solutions together with IT Enterprise Architect team
•    Liaise, work together with- and advise your colleagues within different locations and disciplines;
•    Execute the processes and best practices necessary to work according to the direction and Strategy of Group IT (and make suggestions for improvement if required);
•    Maintain all security related documentation and working instruction in the central repository;
•    Ensure quality and accurate information of security assets in the CMDB
•    Participate and support the Network, Software and System team in solving cross-discipline complex problems that involves security;
•    Participate in Cyber Security activities and ICOSIT audits.
•    Work on four main areas (Implementation, Support, Monitor, Report)
•    Manage security incidents according to Incident Management Process
•    In the case of a security incident be able to begin a forensic investigation.

To ensure knowledge sharing and creating awareness amongst the IT community on your respective specialism, you are to:

•    Keep the IT community informed on any new initiatives and decisions taken that might have an impact on day-to-day business;
•    Participate in cybersecurity project implementation when required;
•    Ensure a cross functional alignment to minimize down-time within the overall IT landscape

To ensure that you understand and manage your stakeholders and their requirements as well as having assigned activities completed successfully, you are to:

•    Understand, plan and deliver assigned tasks with accuracy to meet stakeholders’ needs in a timely manner;
•    Identify areas requiring more detailed instructions and clarify as necessary with stakeholders to ensure no surprises;
•    Complete tasks in compliance with applicable policies, standards and work procedures;
•    Identify areas for potential cybersecurity risk issues and proactively communicate with stakeholders to resolve issues, share information and provide guidance as required;
•    Seek clarification or guidance as soon as difficulties arise and recommend alternative solutions;
•    Perform thorough self-check of all solutions prior to release for use by stakeholders;
•    Properly plan work to allow adequate time for stakeholder feedback and adjustments to ensure intended functionality;
•    Network with stakeholders to serve as a source of support in executing project
•    Produce consistent/organized instructions in a well-structured format to convey required information to stakeholders

JOB REQUIREMENTS 

•    Solid experience in Cyber Security and Data Protection roles
•    Familiar with hybrid security solutions, on-premise and cloud environment
•    Must possess some relevant security related certifications – Cloud Security, Pentest, Vulnerability assessor, CompTIA Security +
•    Must possess hands-on technical experience in minimum of 3 areas – AZURE Security, Pentest, Ethical Hacking, forensics, CIS Hardening, 
•    Possess the following technical hands-on experience will be added advantage – CES, Carbon Black, Bitdefender 
•    Able to travel overseas when required
•    Deep understanding of ISA/IEC 62443 and NIST SP 800-82
•    Knowledge of NIS2 directive
•    Experience in design and management of Information Security solutions
•    Advanced English level
•   Willing to work in a hybrid setting (remote and on-site)