SEARGIN IS HIRING!!
Seargin is a global leader in tech innovation, partnering with top-tier clients to deliver the best solutions. We are currently looking for an experienced CSC Security Officer to join our remote team for a Construction Technology company.
The IT Security Officer - Cybersecurity Center (CSC) helps deliver on the vision of Global IT Security Management and is accountable for delivering effective and scalable detection and response capabilities within the Company's security strategy. The role will improve the IT Security posture and reduce identified cybersecurity risks by working as part of a global team, in close alignment with regional security teams.
Must-Have Requirements:
● Graduate degree in Business or Management; Bachelor’s degree in Computer Science, Engineering, or related discipline with an IT focus.
● Certifications such as CISSP, OSCP, Certified Ethical Hacker (C|EH), GIAC, CREST or CISA would be an asset.
Specific work experience:
● 5+ years of experience in IT Security.
● Experience working in a global environment and with virtual teams.
● Demonstrable experience performing a senior role in a SOC environment or similar, with a focus on cyber security incident detection, response and resolution. Experience leading major security incidents in complex organizations would be a plus.
● Broad technical security knowledge of IT services, technology and IT solutions. Specific experience in one or more of the following:
o Cloud Security
o Network Security
o System/Infrastructure Security
o Industrial Control Systems / Operational Technology (ICS/OT) Security
● Strong understanding of security operations, engineering and the toolsets used for detection and response, including threat intelligence, SIEM, SOAR and other technologies/platforms, with a focus on process automation.
● Technology advocate, proficient in project and service management concepts and common tools.
● Confidence in owning relationships with multiple third parties.
Technical / functional skills:
● Knowledge of modern attacker tactics, techniques and procedures, and strong awareness of cybersecurity trends.
● Ability to drive innovative ways to detect vulnerabilities and exploitation activity, and to neutralize them through advanced technical countermeasures.
● Experience in creating BAU (business-as-usual) runbooks, use-case definitions and operating procedures.
● Experience in the use of security frameworks and methodologies such as MITRE ATT&CK, MaGMa, TaHiTI or NIST.
● Experience with managing threats associated with cloud platforms (AWS, Google Cloud) and artifacts (code, containers, hardware devices, infrastructure).
● Deep knowledge in application and infrastructure security, as well as security fundamentals (IAM, Data Protection, PKI, Network Security).
● Strong attention to detail with an analytical mind and outstanding problem-solving skills, especially in performing tasks such as log analysis.
● Ability to conduct deep technical research into issues and products.
● Strong reporting, dashboarding and communication skills; ability to write or present actionable intelligence derived from raw data for IT and non-IT stakeholders.
● Expertise across a number of the following areas/tools: Google scripting, ServiceNow, JIRA, Splunk, QRadar, Kali Linux, Nmap, Burp Suite, reverse engineering, digital forensics.
Nice-to-Have Requirements:
● Ability to deal with difficult situations, unclear priorities and blocking stakeholders.
● Ability to communicate openly and effectively with many diverse constituencies and stakeholders.
● Ability to work decisively under heavy workload.
● Cultural sensitivity and social flexibility in a global corporate environment.
● High willingness to drive transformation and service improvement.
● Strong customer / end-user / client service orientation.
● Highly self-motivated and directed.
● Keen attention to detail.
● Capability for problem solving, decision making, sound judgment and assertiveness.
Leadership and managerial abilities:
● Ability to champion new initiatives and technologies – “Change Leader”
● Strong relationship building and interpersonal skills.
Linguistic skills:
● Excellent English (written & spoken) - other languages are a plus.
Mobility requirements:
● Travels ~5% (estimate).
MAIN ACTIVITIES / RESPONSIBILITIES
● Ensure CSC tools and services are effectively utilized and operated, identify gaps in process or procedures and implement new solutions accordingly.
● Ensure incident identification, assessment, reporting, communication, mitigation and monitoring.
● Establish operational foundations, defining and tracking SLAs, metrics, and KPIs to drive governance, quality, and efficiency.
● Create reports, dashboards and metrics for the CSC, and report regularly to Senior Leadership and other technical and non-technical stakeholders.
● Drive the continuous integration of standard and non-standard log sources in security monitoring and detection tools as a means to achieve excellence in detection and response.
● Lead the definition and development of use cases, playbooks, policies and custom tooling to continuously improve security maturity.
● Develop and enhance incident response processes, to detect and effectively respond to information security events and incidents.
● Influence and mature CSC processes through innovation and operational change.
● Ensure detection, escalation and response services are available 24/7. As security incidents may occur at all hours and across geographies, this role will be part of the cross-functional team responsible for driving urgent security response in crisis scenarios.
● Work effectively as part of a geographically distributed organization to run a high-performing global detection and response service, coordinating the different teams and service providers involved.
● Stay abreast of industry trends and the changing threat landscape; review technologies/services and make recommendations.