Senior ICS Security Analyst

Noble Drilling

Full Time
Sugar land, TX
Posted 5 months ago

Leadership role in the development, implementation and assurance of adherence to Noble’s security and technology framework relating to ICS environments across Noble’s fleet. Work closely with internal and external stakeholders to help build and maintain an effective security program focused on protecting the confidentiality, integrity, and availability of Noble’s cyber assets, and mitigate risk across all ICS environments. Serve as a contributor providing operational support for risk management, regulatory compliance, and policy implementation and mentor staff to develop skillsets around ICS cyber security.

QUALIFICATIONS

  • Bachelor’s degree in Computer Engineering, Computer Science, or other IT related discipline
  • 8+ years of cyber security experience required
  • Direct experience with administration of Industrial Control Systems environments required with in-depth knowledge of data protection strategies, cyber networks and system vulnerabilities.
  • Ability to assess risks and form mitigation alternatives in defining compensating controls
  • Experience or knowledge in conducting cyber security vulnerability assessments and remediation activities
  • Field engineering experience required, preferably obtained through experience in a rotational, offshore position
  • IT auditing, network and systems engineering experience is a plus
  • Information security certifications such as CISSP, GISCP, CISA, or SANS GIAC required
  • Experience supporting compliance mandates and frameworks such as ISO, NERC CIP, NIST, DEP, APC (Achilles Practice Certification).  Direct experience with NIST standard is strongly desired.
  • Strong collaboration and mentorship skills
  • A problem solver and team player. Requires business insight, technical acuity, and the ability to think, communicate and write at various levels of abstraction.
  • Team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT and business personnel
  • Travel is an essential job function (est. 50% domestic, international and offshore).  Travel via helicopter and/or boat will be required for offshore installation trips
  • Ability to work overtime and on-call as required

ESSENTIAL FUNCTIONS

  • Support ongoing development of Noble’s ICS Cyber Security program
  • Participate in the execution of security projects including adaption of suggested best practices to the reality of field environments, task level plan development, and identification of risks and possible remediation actions
  • Manage project tasks effectively to assure timely and successful completion of projects with a high degree of customer satisfaction
  • Responsible for development and delivery of the Security Education and Training Program offshore
  • Conduct risk assessments, MOC reviews, testing, implementation of policy and procedures, operational maintenance, solution deployments, and system integration implementations on Noble’s offshore assets
  • Serve as subject matter expert on Noble’s ICS Cyber Security Policy
  • Support audits and assessments for rig certification programs
  • Participate in the creation of rig certification program deliverables
  • Participate in the design and implementation of secure operation technology infrastructure
  • Participate in efforts for ensuring rig certification artifacts and deliverables including fleet wide re-certifications are met
  • Support deployment and integration of security controls on Noble’s fleet
  • Conduct manual and automated security testing and support stakeholders in remediation activities
  • Support compliance with NIST, operational and corporate security best practices, regulatory standards, as well as development of security risk management and security program implementation processes
  • Interface with rig management and operations leadership fleet wide
  • Validate operational technology security processes are consistently being implemented
  • Support the cyber security team in technical implementation of POCs, testing and R&D
  • Participate in on site containment, remediation, and restoration efforts during cyber security incidents
  • Participate in the maintenance of Noble’s operational cyber asset inventory
  • Assist in the development of the strategic roadmap to promote security team operations goals
  • Assist in the implementation of a continuous improvement process approach for the Noble cyber security team
  • Participate in business continuity / disaster recovery activities as needed
  • Foster positive working relationships among IT teams
  • Participate in on call rotation
  • Adhere to professional standards and Noble’s Administrative Policy Manual
  • Serve as escalation contact for managed security service provider
  • Other duties as assigned.

SUPERVISORY

None

Apply Online

Job Features

Job CategoryAccounting & Bookkeeping, Analytical, Auditing, Business Administration, Computer Science, Data Management, Engineering, Industrial, Information Technology, Management, Security, Water Resources

Apply Online

A valid email address is required.
A valid phone number is required.