Our ingenuity fuels daily life. Together, we've forged some of the most trusted partnerships across the energy value chain to make what was once just an idea a reality: laying subsea infrastructure thousands of feet below sea level, installing platforms hundreds of miles from shore, using our expertise to design and build offshore wind infrastructure, and reshaping the onshore landscape to deliver the energy products the world needs safely and sustainably.
For more than 100 years, we've been making the impossible possible. Today, we're driving the energy transition with more than 30,000 of the brightest minds across 54 countries.
Job Overview:
Manages and proactively assesses cybersecurity issues and threats, runs complex analyses on incidents, and uses in-depth research to inform the company's resolution process.
Lead and oversee the investigation of the most complex and critical cybersecurity incidents and guide team in the resolution process when necessary.
Recommends and coordinates the development, enhancement, organization, and maintenance of cybersecurity solutions, processes and policies, including research and triage analysis.
Manage resources and projects within cyber operations.
Collaborate with peers to align cybersecurity operations practices globally.
Assist in the analysis, design and development of an Information Security roadmap aligned with McDermott's business strategies.
Assume ownership of identified systems, controls and processes to provide proper oversight, management, and maintenance of them, as well as enhance and augment them as needed.
Maintain awareness of emerging threats and technology to ensure there are adequate controls in place.
Continuously improve the integration and effectiveness of implemented technologies.
Maintain awareness of cybersecurity threats, events, tactics, techniques, and procedures (TTPs).
Key Tasks and Responsibilities:
Maintain consistency and SLAs for cyber operations delivery.
Provide guidance and mentorship to resources.
Assist with security awareness planning and delivery.
Work with IT risk assessment function to ensure the proper security configurations and controls are implemented for IT projects.
Serve as an internal trusted advisor providing security services, advice on security, and assist with compensating control alternatives where security requirements cannot be met.
Contribute to identification of strengths and weaknesses for security solutions impacting business strategies.
Identify cybersecurity operations technology gaps, deficiencies, and recommend corrective actions.
Create documentation of findings and recommendations (root cause and risk analysis) as needed.
Assist with forensic investigations and incident response team (CIRT) activities.
Assign work to Cyber SOC for remediation.
Respond to critical business impacting events and coordinate the efforts required to include the proper resources to remediate the issue.
Coordinate major cybersecurity incident situations and provide internal communications via email in a timely fashion.
Support Compliance managers in providing Cybersecurity artifacts.
Ensure alignment within information cybersecurity operations with NIST and ISO 27002 requirements.
Essential Qualifications and Education:
Bachelor's Degree in Information Technology + 3 years of experience, or 7 years of direct security experience
7 or more years of experience working in Information Security
Experience with cloud services and APIs
Working knowledge of firewall, router, network switch, VOIP, and wireless architecture and operation
Experience with forensic investigation
Experience with security incident and investigation reports/briefings
Experience with Active Directory
Experience with Microsoft desktop and server operating systems
Experience in a team-oriented, collaborative environment
Strong analysis and problem-solving skills
Strong oral and written communication skills
Detail oriented in investigations and communications
Able to handle confidential investigations with discretion
Ability to multi-task and prioritize workload
Familiarity with PowerShell, Python and/or SQL is a plus
Familiarity with security orchestration, automation and response (SOAR) is a plus