Senior IT Pillar Specialist (Senior Cybersecurity Engineer)
McDermott
- Houston, TX
- Permanent
- Full-time
- Ensure global alignment with Company's best practices for patch, posture, and vulnerability management
- Maintain and improve the TVM program's operational performance, processes, and technology
- Maintain awareness of cybersecurity threats, events, tactics, techniques, and procedures (TTPs)
- Act as a trusted advisor within IT on vulnerabilities and patches
- Collaborate with system owners and support teams to analyze and evaluate mitigation strategies, providing guidance and improving strategies/procedures
- Work with the SOC to ensure vulnerability assessments/scans (VA) are complete and reliable
- Determine impact to the environment when new standards, tools, or processes are implemented
- Advise on product roadmap security features and practical implementation
- Track emerging technologies and identify opportunities for improving overall Cybersecurity
- Interact regularly with the Director of Cybersecurity and the Security Operations Team to review threat activity, adversary tactics, targeted vulnerabilities, and exposure risks
- Daily monitoring for zero-day threats, patches, mitigations, and strategies.
- Utilize threat intelligence to manage potential threats and reduce the likelihood of exploitation
- Maintain technical expertise, apply applicable industry standards and best practices
- Interact with system owners and IT teams to drive remediation or mitigation of identified vulnerabilities
- Ensure necessary administration and support tasks are completed and direct others as necessary
- Review monthly SOC VA reports for accuracy and trends, and advise on deviations from expected norms
- Troubleshoot and resolve TVM related support tickets that have been escalated
- Evaluate new tools and techniques to enhance the security posture
- Administer and mature tool configurations, optimize performance, and feature utilization
- Integrate tools to automate critical response tasks.
- Evaluate TVM tool patches and updates, and perform maintenance
- Develop detailed documentation on TVM implementation, configuration, and processes
- Plan, develop, and implement new security devices or services for TVM as needed
- Identify, create and mature cybersecurity operations processes.
- Assist with forensic investigations and incident response team (CIRT) activities as needed
- Assist with security awareness activities (communications, posters, events, assessments) as needed
- Participate in incident runbook development
- Escalate pertinent findings in a timely manner.
- Support Compliance managers in providing Cybersecurity artifacts.
- Align cybersecurity operations with NIST CSF and ISO 27001 controls
- High School Diploma with 10 years of experience in information security, or college diploma with 6 years of information security experience
- 5+ years of experience with threat and vulnerability management (TVM) program and operations
- 3+ years of experience working with threat intelligence feeds and IOCs
- In-depth knowledge of system vulnerabilities, threat intel feeds and contextualization of vulnerabilities
- Independently assess risks and devise mitigation strategies and compensating controls
- Demonstrable knowledge of common infrastructure and web application vulnerability categorizations such as CVE, CVSS, CWE
- Cloud security posture and vulnerability management expertise
- Experience executing attack defense tactics with security technologies including DNS, SMTP, firewall, and endpoint solutions.
- Experience and participation as needed with security incident and investigations
- Assist as needed with security awareness content such as communications, posters, presentations
- Experience with security management/configuration cloud tools and services
- Experience maintaining and troubleshooting: endpoint security, SIEM systems, network security, cloud security, and perimeter security tools.
- Experience with Active Directory
- Experience with Microsoft desktop and server operating systems, RedHat Linux and variants.
- Able to bring projects to successful completion within appropriate timeline
- Able to respond to emergencies 24 hours a day, 7 days a week, as needed
- Strong analysis and problem-solving skills
- Strong oral and written communication skills
- Detail oriented in investigations and communications
- Able to handle confidential investigations with discretion
- Able to multi-task and prioritize workload
- Experience in a team-oriented, collaborative environment
- Able to work after-hours and on call as needed
- Certifications: CISSP, GSEC, CRISC, OSCP, GCTI, GEVA, Security+, Vendor Certifications
- 10 years of IT experience
- 7+ years in an information security role
- 5+ years of experience with threat and vulnerability management program and operations
- 3+ years of experience working with threat intelligence feeds and IOCs
- 3+ years of experience in a security engineer role
- 3+ years of experience with cloud vulnerabilities
- 2+ years of experience with endpoint protection tools
- 2+ years of experience with security information and event management (SIEM) tools
- 1+ years of experience with perimeter security