Senior OT Security Analyst

RESPONSIBILITIES:

• Understand the organization's technology and OT systems.
• Design and research security architectures.
• Ensure compliance with Noble, customers, and regulatory standards in OT operations.
• Develop and approve requirements for network devices and installations.
• Test, maintain, and upgrade security systems as needed.
• Participate in disaster recovery and conduct security breach drills.
• Respond to security incidents and provide analysis.
• Guide the security team, promote awareness, and arrange ongoing education.
• Stay current on security systems, standards, protocols, and products.
• Establish secure system and application designs aligned with best practices.
• Advise on new initiatives to define and implement necessary security controls.
• Assess security risk and impact of organizational system changes.
• Identify opportunities to standardize and optimize the security stack, leveraging cloud capabilities.
• Monitor industry trends, threats, vulnerabilities, and technologies.
• Make independent decisions and represent leadership when required.
• Support customer audits by preparing evidence and reviewing risk assessments for Noble’s rigs.

QUALIFICATIONS:

• Bachelor’s Degree or equivalent education in Computer Science, Information Systems, information Security or other Information Technology-related field.
• Additional certifications (CISSP, CASP+ or similar certification required)
• 7 years of related experience in technical security and engineering function, including hands-on experience in: GDPR, NIST 800-53, NIST 800-171, NIST CSF, IEC- 62443
• Provide technical security architecture guidance and oversight to ensure increased security architecture maturity
• Ability to travel15 to 20% as needed.
• Knowledgeable and familiar with security risk assessments – both in evaluating and reviewing assessments conducted by the offshore team
• Ability to conduct a security risk assessment when required.
• Experience with conducting security audits based on standards, preferably IEC-62443
• Articulate issues, risks, and proposed solutions to various levels of staff and management
• Contribute to the development of the security strategy, policy and service delivery objectives and best- practices for the design and delivery of security architecture services
• Maintain processes, standards and policies for the implementation and maintenance of security architecture principles within projects
• Manage multiple enterprise-wide programs simultaneously
• Expected to work with employees from all areas of IT and maintain a good working relationship with them.
• Proficient with interacting with multiple levels and roles within the organization and shall have the ability to apply different strategies to convince others to change their opinions or plans.
• Proficient interpersonal skills with the ability to interact professionally with all levels within the organization

Demonstrated experience in implementing and managing at least 9 of the following security defenses:

• Intrusion detection and prevention systems
• Endpoint monitoring
• Data loss prevention
• Firewalls
• Security Information and Event Management
• Network tabs, traffic aggregators and filters
• Policies, standards, procedures and other forms of documentation
• Cloud architecture, security controls, secure configuration, and deployment
• A sound understanding of emerging threats and industry trends

SUPERVISORY

None

#LI-Hybrid