Company Overview:
McDermott is a premier, fully-integrated provider of technology, engineering and construction solutions to the energy industry. For more than a century, customers have trusted McDermott to design and build end-to-end infrastructure and technology solutions—from the wellhead to the storage tank—to transport and transform oil and gas into the products the world needs today.
Job Overview:
IT Corporate Functions – Senior IT Pillar Specialist is responsible for being a strategic partner with Finance to help deliver IT solutions/projects that meet business objectives. This specialist will also be responsible for facilitation of quality systems support for finance end-to-end process including the close cycles (month-end, quarter & year-end), support of all subledgers and the GL.
Experience
* 5+ years of experience with threat and vulnerability management (TVM) program and operations
* 3+ years of experience working with threat intelligence feeds and IOCs
Education
High School Diploma with 10 years of experience in information security, or college diploma with 6 years of information security experience
Additional
* 10 years of IT experience
* 7+ years in an information security role
* 5+ years of experience with threat and vulnerability management program and operations
* 3+ years of experience working with threat intelligence feeds and IOCs
* 3+ years of experience in a security engineer role
* 3+ years of experience with cloud vulnerabilities
* 2+ years of experience with endpoint protection tools
* 2+ years of experience with security information and event management (SIEM) tools
* 1+ years of experience with perimeter security
Primary Functions
* Operate within the global Cybersecurity Team within the Information Technology department
* Ensure global alignment with Company’s best practices for patch, posture, and vulnerability management
* Maintain and improve the TVM program’s operational performance, processes, and technology
* Maintain awareness of cybersecurity threats, events, tactics, techniques, and procedures (TTPs)
* Act as a trusted advisor within IT on vulnerabilities and patches
* Collaborate with system owners and support teams to analyze and evaluate mitigation strategies, providing guidance and improving strategies/procedures
* Work with SOC to ensure vulnerability assessments/scans (VA) are complete and reliable
* Determine impact to environment when new standards, tools, or processes are implemented
* Advise on product roadmap security features and practical implementation
* Track emerging technologies and identify opportunities for improving overall Cybersecurity
Tasks and Responsibilities
* Regular interaction with the Director of Cybersecurity and the Security Operations Team to review threat activity, adversary tactics, targeted vulnerabilities, and exposure risks
* Daily monitoring for zero-day threats, patches, mitigations, and strategies.
* Utilize threat intelligence to manage potential threats and reduce the likelihood of exploitation
* Maintain technical expertise, apply applicable industry standards and best practices
* Interact with system owners and IT teams to drive remediation or mitigation of identified vulnerabilities
* Ensure necessary administration and support tasks are completed and direct others as necessary
* Review monthly SOC VA reports for accuracy and trends, and advise on deviations from expected norms
* Troubleshoot and resolve TVM related support tickets that have been escalated
* Evaluate new tools and techniques to enhance the security posture
* Administer and mature tool configurations, optimize performance, and feature utilization
* Integrate tools to automate critical response tasks.
* Evaluate TVM tool patches and updates, and perform maintenance
* Develop detailed documentation on TVM implementation, configuration, and processes
* Plan, develop, and implement new security devices or services for TVM as needed
* Identify, create and mature cybersecurity operations processes.
* Assist with forensic investigations and incident response team (CIRT) activities as needed
* Assist with security awareness activities (communications, posters, events, assessments) as needed
* Participate in incident runbook development
* Escalate pertinent findings in a timely manner.
* Support Compliance managers in providing Cybersecurity artifacts.
* Align information cybersecurity operations with NIST CSF and ISO 27001 controls
Other Expectations:
* In-depth knowledge of system vulnerabilities, threat intel feeds and contextualization of vulnerabilities
* Independently assess risks and devise mitigation strategies for compensating controls
* Demonstrable knowledge of common infrastructure and web application vulnerability categorizations such as CVE, CVSS, CWE
* Cloud security posture and vulnerability management expertise
* Experience executing attack defense tactics with security technologies including DNS, SMTP, firewall, and endpoint solutions.
* Experience and participation as needed with security incident and investigations
* Assist as needed with security awareness content such as communications, posters, presentations
* Experience with security management/configuration cloud tools and services
* Experience maintaining and troubleshooting: endpoint security, SIEM systems, network security, cloud security, and perimeter security tools.
* Experience with Active Directory
* Experience with Microsoft desktop and server operating systems, RedHat Linux and variants.
* Able to bring projects to successful completion within appropriate timeline
* Able to respond to emergencies 24 hours a day, 7 days a week, as needed
* Strong analysis and problem-solving skills
* Strong oral and written communication skills
* Detail oriented in investigations and communications
* Able to handle confidential investigations with discretion
* Able to multi-task and prioritize workload
* Experience in a team-oriented, collaborative environment
* Able to work after-hours and on call as needed
* Certifications: CISSP, GSEC, CRISC, OSCP, GCTI, GEVA, Security+, Vendor Certifications