Title:
Cyber Security Specialist
General: KBR-SL seeks a detail-oriented computer specialist with expertise in planning, coordinating, and implementing information security systems. The desired candidate will be proficient in analysis, forensics, reverse-engineering, and in allaying cybersecurity risks for Project information networks.
You will:
- Use the SIEM tool / dashboard and reports along with other monitoring / admin tools to continuously monitor the security status of the system and compliance with certification requirements.
- Develop, update, and implement security measures and controls for all information systems, in particular for the Management Information System (MIS).
- Secure data and information systems, protecting them from unauthorized access or tampering.
- Provide technical support and monitor security access, ensuring that the Project Team and Supply Chain Partners are aware of security restrictions and adhere to access and system use across the programme and locations.
- Perform regular internal and external security audits.
- Develop better logging, boundary rules and reporting techniques to identify and minimise intrusion.
- Respond to cyber events or incidents in accordance with the Cyber Incident Management Plan, escalating and supporting as appropriate. and.
- Analyse the source of security breaches, if possible,identify perpetrators and liaise with our Contract Security Manager and the client’s Principal Security Advisor (PSyA) as appropriate. ?
- Recommend and implement security tools and anti-malware software.
- Determine, adapt, and maintain corporate security procedures and policies, actively monitoring industry and international practices and identifying and implementing any actions to remain compliant.
- Provide staff with security awareness training and advisories on a regular basis and identify customer and client specialists to mentor and train to transfer cyber security aspects to the customer and user community as part of the transformation programme.
- Coordinate security measures with external contacts, ensuring compliance with all relevant client and customer IT policies and implement new security instructions and policies as and when introduced by the customer.
- Inform management of security vulnerabilities.
- Lead on cyber security certification
Specific: Main duties could include providing advice on:
- Maintainbuilt in security controls & posture during the operation of the system, including any changes that may occur on software systems, networks and data centres
- looking for vulnerabilities and risks in hardware and software
- finding the best way to secure the IT infrastructure of our, the client and the customers’ organisations, as requested
- how to improve defences and cyber resilience at all levels in a cost-effective way,
- constantly monitoring for attacks and intrusions
- when the cyber security specialist finds a potential threat or attempted breach, closing off the security vulnerability following the agreed processes
- identifying trends in attack perpetrators and liaising with the Client as necessary
- Other tasks as given by the Contract Security Manager or the Project Execution Manager
Experience and Skills:
Essential:
- You have successfully executed a DLP (data loss prevention) plan.
- You have experience with vulnerability management software tools, such as Nessus, SpyBot, Qualys, and Altera.
- You possess a passionate understanding of cloud computing.
- You exhibit dependability and integrity.
- You have an instinct for detail.
- You understand hackers’ motivation and possess a passion to prevail over attacks.
- You have the ability to adapt to rapid changes and are driven by an innate curiosity to reverse engineer attacks and develop solutions.
- Strong IT skills and knowledge including hardware, software and networks
- Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems
- A forensic approach to challenges
- A deep understanding of how hackers work and ability to keep up with the fast pace of change in the criminal cyber-underworld
- Operationalisingthreat intelligence, CERT advisories and alerts from a variety of sources
- Ability to seek out vulnerabilities in IT infrastructures
Desirable:
- You have excellent report writing and communication skills.
- You have the ability to multitask and work well independently or with a team.
- You possess an aptitude for time management.
Scheduled Weekly Hours:
48
KBR is a global provider of differentiated professional services and technologies across the asset and program lifecycle within the Government Solutions and Energy sectors. KBR employs approximately 38,000 people worldwide (including our joint ventures), with customers in more than 80 countries, and operations in 40 countries, across three synergistic global businesses:
Government Solutions , serving government customers globally, including capabilities that cover the full lifecycle of defense, space, aviation and other government programs and missions from research and development, through systems engineering, test and evaluation, program management, to operations, maintenance, and field logistics
Technology Solutions , featuring proprietary technology, equipment, catalysts, digital solutions and related technical services for the monetization of hydrocarbons, including refining, petrochemicals, ammonia and specialty chemicals, as well as inorganics
Energy Solutions , including onshore oil and gas; LNG (liquefaction and regasification)/GTL; oil refining; petrochemicals; chemicals; fertilizers; differentiated EPC; maintenance services (Brown & Root Industrial Services); offshore oil and gas (shallow-water, deep-water, subsea); floating solutions (FPU, FPSO, FLNG & FSRU); program management and consulting services
KBR is proud to work with its customers across the globe to provide technology, value-added services, integrated EPC delivery and long term operations and maintenance services to ensure consistent delivery with predictable results. At KBR, We Deliver .
