Cybersecurity Specialist
La Brea or Point Fortin, South West
Permanent Full Time
Posted On 11.28.2024
Expire On 12.13.2024 Employer
Description
Job Title: Cybersecurity Specialist
Department: Information & Digital Technology
Section: Information & Digital Technology
Reports To: Director- Information & Digital Technology
Job Purpose:
The jobholder is an expert in the field of cybersecurity and ensures the protection and security of the company's computer systems, networks, digital assets and infrastructure against cyber threats to maintain confidentiality and availability of critical data and systems. As the authority on cyber security for the company, the position holder establishes robust cyber security policies and procedures, maintains the organisation's information security management program to ensure that the Company's information assets are adequately protected against cyber-threats/
He/She will be required to chorale the support of senior leaders to develop and maintain a seamless overarching cyber security system that integrates both the information technology and operational technologies of the company. He/She manages and advances the company's defence against cyber threats to both business and plant systems, conducts risk assessments and audits to identify and mitigate vulnerabilities, monitors and responds to security incidents, develops and implements training the workforce so they are equipped to protect the company's digital assets and stays up-to-date with emerging cyber threats and trends.
As Chairman of the Company's Cybersecurity Steering Committee, the position holder will be required to provide reports to the Subcommittee of the Board on the company's cybersecurity performance, escalate risks and highlight actions and resources required to advance the company's cybersecurity agenda.
Principal Accountabilities:
Department: Information & Digital Technology
Section: Information & Digital Technology
Reports To: Director- Information & Digital Technology
Job Purpose:
The jobholder is an expert in the field of cybersecurity and ensures the protection and security of the company's computer systems, networks, digital assets and infrastructure against cyber threats to maintain confidentiality and availability of critical data and systems. As the authority on cyber security for the company, the position holder establishes robust cyber security policies and procedures, maintains the organisation's information security management program to ensure that the Company's information assets are adequately protected against cyber-threats/
He/She will be required to chorale the support of senior leaders to develop and maintain a seamless overarching cyber security system that integrates both the information technology and operational technologies of the company. He/She manages and advances the company's defence against cyber threats to both business and plant systems, conducts risk assessments and audits to identify and mitigate vulnerabilities, monitors and responds to security incidents, develops and implements training the workforce so they are equipped to protect the company's digital assets and stays up-to-date with emerging cyber threats and trends.
As Chairman of the Company's Cybersecurity Steering Committee, the position holder will be required to provide reports to the Subcommittee of the Board on the company's cybersecurity performance, escalate risks and highlight actions and resources required to advance the company's cybersecurity agenda.
Principal Accountabilities:
- Develops, implements and monitors a strategic enterprise information security risk management program, inclusive of philosophies for presentation and mitigation of cybersecurity attacks such as ransomware attacks payments and cybersecurity insurance; and enhances the information security governance framework based on emerging vulnerabilities and threats, and assessed business risk
- Conduct regular security assessments and vulnerability testing of the company's computer systems, non-process and process control netowrks, and other digital assets to identify & assess potential risks and implement appropriate measures to reduce weaknesses that could be exploited by Cyber criminals
- Develop and implements Incident Response Plans to quickly identify and respond to security incidents in the non-process and process control networks as well as establishing procedures for incident reporting, investigation, containment and recovery.
- Work with stakeholders within and outside of the organization to ensure compliance with all relevant cybersecurity and privacy regulations and standards such as the National Institute of Standards & Technology (NIST), International Electrotechnical Commission (IEC) 62442, including raising the cybersecurity risk awareness and compliance levels in employees.
Competencies:
Technical:
- Strong ability to design, manage and maintain a comprehensive company-wide strategic information security risk management framework and program
- Ability to analyze information technology security threats in real-time and work with senior leaders across the organization to mitigate these risks
- Ability to stay up to date with regulatory and industrial security standard and compliance requirements which are constantly evolving
- Proficient in the use of cybersecurity technology and the use of digital applications
- Role models the organisation's core values- spirit
- Strong analytical thinking for complex problem solving and deep understanding of company Information Technology (IT)/ Operational Technology (OT) infrastructure security systems and business processes
- Meticulous attention to detail to detect potential threats and implement measures correctly
- Excellent communication skills with the ability to effectively convey the import of cyber security risks and instill confidence to a variety of audiences including staff, Leadership and Board sub-committees
- Embodies a learner mindset- is future focused, curious, innovative, creative and embraces change
Qualifications, Knowledge, and Experience:
- A first degree in Computer Science, Information Technology, Electrical & Computer Engineering or Management Information Services from a recognised, accredited institution.
- A minimum of eight (8) years' direct work experience with IT/OT networking and telecommunication services, security systems, firewall and network access control, cloud computing systems and security, preferably in the Oil and Gas industry
- Strong working knowledge of computer networking, information security, data privacy, operating systems, and programming languages
- Recognized certification in Cybersecurity- e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM)
- Strong knowledge of regulations and standards for industry- e.g. National Institute of Standards and Technology (NIST), International Organisation for Standards (ISO), Control Objectives for Information and Related Technologies (COBIT).
Overview
Tags
Job Requirements
- A first degree in Computer Science, Information Technology, Electrical & Computer Engineering or Management Information Services from a recognised, accredited institution.
- A minimum of eight (8) years' direct work experience with IT/OT networking and telecommunication services, security systems, firewall and network access control, cloud computing systems and security, preferably in the Oil and Gas industry
- Strong working knowledge of computer networking, information security, data privacy, operating systems, and programming languages
- Recognized certification in Cybersecurity- e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM)
- Strong knowledge of regulations and standards for industry- e.g. National Institute of Standards and Technology (NIST), International Organisation for Standards (ISO), Control Objectives for Information and Related Technologies (COBIT).
Career Advice
BROWSE JOBSHow to Negotiate Effectively
Begin with the end in mind Define the problem or opportunity accurately Set your objectives clearly in your own mind including your minimum acceptable outcome your anticipated outcome and y…
Read More