Cyber Security Specialist

The Cyber Security unit is accountable and responsible for safeguarding our company's critical infrastructure, intellectual property, and customer data against evolving cyber threats, ensuring no interruption to operations. We take a proactive approach to building, deploying, and operating our Cyber capabilities to fortify our defenses, employing innovative and cutting-edge cyber technologies. Our duties span cyber threat management, real-time attack detection and prevention, and swift remediation, integrated with advanced artificial intelligence and machine learning. Additionally, we leverage Cyber DevOps automations to facilitate rapid deployment and threat mitigation, ensuring the resilience of our Operational Technology (OT), IT, and digital infrastructure in the face of emerging challenges.

We are responsible for defining and setting the Cyber framework and Security compliance policies across the company, including the development of robust Business continuity plans, disaster recovery, and critical management plans to ensure the resilience of our operations in the face of cyber threats and other emergencies.

Key Competencies

Technical

  • Significant experience in Cyber Security engineering and delivery with a broad understanding of OT and IT services
  • Subject matter expertise in Cyber Security for protecting IT, OT, and IP networks, including IPSec VPNs, Firewalls, SIEM, IPS/IDS, AV/EDR solutions, LDAP/AD, etc.
  • Expertise in Privileged Access Management and related tools
  • High level of expertise in Vulnerability and Compliance Management; DDoS protection
  • Hands-on experience in Cyber Security engineering and design of cloud solutions (such as AWS, Azure, etc.), including open-source tools, DevOps, and automation capabilities to enhance cyber defense (such as Zabbix, ELK, Grafana, NetBox, Netmiko, Ansible, AlienVault, OpenVAS, etc.)
  • Professional-level knowledge in public clouds, such as AWS security services and architectures. Extensive knowledge of Private Clouds and related transferable skills are highly desirable.

Non-Technical

  • Ability to collaborate effectively with others to drive forward key security objectives and goals
  • Strong communication skills, including presentation and documentation writing (for both technical and business audiences)
  • An aptitude for autonomous learning as required by business demands
  • Proven track record of problem-solving abilities
  • Assertiveness and the ability to drive through change, complex projects, and transformations
  • Excellent teamwork skills, including the ability to work effectively within a geographically disparate team (nationally and internationally)

Desirable but not essential:

  • Knowledge of policy frameworks and understanding of policies, procedures, guideline structure, and regulatory landscapes, such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc.
  • Virtualization technology, including containerization (e.g., Docker, Kubernetes, Linux, etc.)
  • Host-based security products (threat detection, mitigations, end-user detection and response, micro-segmentation, zero trust)
  • Experience working within an ITIL environment or structured platform management, particularly change and incident management
  • Professional certifications, e.g., CISSP, CISM, CCNP, CCIE, AWS Certified Security, etc.

Key Accountabilities

Technical

  • Design lead for end-to-end cyber capabilities for operational technology (OT) and Information Technology (IT), as per Cyber goals and company's strategy
  • Technical leadership and subject matter expertise in Cyber Security
  • Design security capabilities and tools for new infrastructure and digital deployments, as well as existing ones
  • Design and dynamically readjust cyber capabilities based on the cyber threat landscape
  • Support setting up, and potentially leading, the NOC/SOC operational team
  • Lead Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and deploy mitigating solutions. Report on Cyber incidents and manage related action plans
  • Proactive capacity management of the cyber platforms to ensure sufficient capacity is available at any time
  • Design Cyber solutions that are well-integrated with the IT and OT platforms
  • Data design for Cyber logs, reports, and incidents to align with the digitization strategy, intertwined with AI and ML
  • Knowledge and experience of agile and DevOps methodologies
  • Own development and implementation of policies and procedures, including operational cyber defense processes
  • Provide cyber 2nd and 3rd line support as required to maintain service availability during cyber incidents

Strategic

  • Work as part of the wider team to drive automation and data mining, as per cyber goals and wider strategy, to support the company's digitization transformation
  • Put in place and drive the cyber roadmap for platform development and threat mitigation, aligned with the unit's cyber vision and strategy
  • Continually develop professional cyber skills and awareness, remaining ahead of cyber attacks
  • Lead on a number of complex technical deliverables ensuring work is completed on time and within budget
  • Work and deliver under general direction within a clear framework of accountability
  • Assume substantial personal responsibilities and autonomy
  • Plan own work, engage stakeholders, and work with teams in the business to deliver on commitments
  • Become a recognized expert in Cyber technologies

GCS is acting as an Employment Agency in relation to this vacancy.

Company
GCS Ltd
Location
City of London, London, United Kingdom
Employment Type
Permanent
Salary
£95000 - £100000/annum
Posted