At Subsea 7, we take pride in being recognised globally as a leader across the Energy Industry. For 5 decades our people have delivered over 1,000 projects in all water depths across our energy hubs and we continue to do so, adapting and evolving in an ever-changing world.
Our sustainability and ongoing success are only possible through innovation, collaboration and the development and diversity of our people, assets, and technology. By joining Subsea 7, you become part of a team of people who everyday ‘Make Incredible Things Happen’.
DESCRIPTION OF ROLE
The IT Security Engineer is responsible for ensuring IT systems are designed and implemented effectively as part of the information security framework. To remain well-versed in newest technologies in the cyber security space as they enhance security but also to understand programs used to attack. This includes a wide range of day-to-day IT security services as part of the Global IT team to support the business to function efficiently and maintain the confidentiality, integrity, and availability of Subsea 7’s systems and data.
All personnel are expected to contribute to creating a positive HSEQ culture within Subsea 7 and ensure familiarity with and adherence to local HSEQ codes and practices.
KEY RESPONSIBILITIES
- Assist the Information Security Manager, when appropriate, with security related tasks, audits, projects, governance, and approvals
- Assist and complete internal security investigations
- Complete incidents, service requests and escalations within agreed service level agreement targets
- Create, update, and oversee execution of daily, weekly, monthly, quarterly, and annual security assessments and analysis of systems
- Coordinate changes with managed services providers and internal service owners
- Provide governance and approvals related to minor and standard BAU changes to internal security controls
- Create, update, and oversee execution of daily, weekly, monthly, quarterly, and annual security assessments and analysis of systems
- Develop and maintain service and operational procedures or technical design documents
- Provide on-call support, as needed, for emergency security issues
- Undertake ad-hoc projects as agreed with the Management team
KEY RELATIONSHIPS/ STAKEHOLDERS
External
- Industry peers
- Relevant authorities, including audit partners
- Key IT services suppliers and partners
- Key business partners, including clients and joint venture partners
- Relevant professional bodies, classification societies, standardisation organisations
Internal
- IT Management
- Functional management
- Global IT
PERSON SPECIFICATION
- Preferred degree level education, or equivalent experience.
- Preferred ITIL qualifications & understanding of security accredited standards e.g. ISO 27001, NIST.
- Preferred Security certification (e.g. Security +, Ethical Hackers).
- Relevant years experience of working in IT or relevant years’ experience of IT Security role.
- Strong working knowledge of security infrastructure (e.g., firewalls, intrusion prevention systems).
- Verifiable experience reviewing application code for security vulnerabilities.
- Direct, hands-on experience or strong working knowledge of vulnerability management tools.
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services.
- Strong understanding of protect/detect/respond principles.
- Cloud security experience, preferably with Microsoft Azure, Office 365.
- Strong EDR experience; configuration, alert triage, reporting.
- Good understanding of networking protocols.
- Strong organisational skills.
- Strong communication skills with variety of stakeholders.
- Ability to communicate technical & process issues effectively to the business.
- Enthusiastic, energetic, and self-motivated with good management skills.
- Evidence of ability to work under pressure and meet tight deadlines.
- Good interpersonal skills and the ability to work in a team or independently.
Subsea 7 are committed to creating a diverse workforce and we look to offer excellent career opportunities as you develop your skills and aspirations.
Along with a wide range of benefits and a flexible working environment, employees can further enhance their work-life balance through our Remote Working Policy.