Global Cybersecurity Specialist - Technical

About the role

Works closely with and have impact on: All HSO Functions

Reports to: Global IT Infrastructure & Operations Director

Function: Global IT

Role Overview

The Cybersecurity Specialist is responsible for implementing, managing, and enhancing cybersecurity measures to protect the organization's digital assets and information systems. This role involves development of security architecture and design, analyze security threats, and implement technical solutions.

Duties and Responsibilities

• Develop, implement, and maintain security architecture, guidelines, and procedures in accordance with information security policies and industry best practices.
• Develop security tools investment roadmap and ensure integration of security measures into the organization's infrastructure.
• Evaluate and assess the security maturity of third-party vendors and partners to ensure compliance with the organization's security standards based on ISO27001.
• Establish and manage security monitoring tools such as EDR, NDR, Splunk, Microsoft Sentinel etc. to detect and analyze security risks and threats.
• Lead investigation of security incidents by analyzing logs, identifying security issues, and recommending solution.
• Track suspicious network, application, and user behavior.
• Investigate breaches, gathering evidence, and analyzing data.
• Conduct and prepare security log / access reviews.
• Communicate security requirements and recommendations to stakeholders and executive leadership.
• Experience in implementing cybersecurity solutions within IT and OT environments.
• Hands-on experience in Data Classification and Loss Prevention tools.

Requirements

Experience

• Minimum of 6+ years of experience as a security professional

Skills/Accreditations

• Knowledge of common security framework like ISO27001, CIS, NIST, etc.
• Experience with Microsoft Azure cloud and native security solutions is required.
• Working experience with incident response in relation to cyber events is required.
• Knowledge of regulatory requirements related to cybersecurity (e.g., GDPR, FDA, etc).
• Excellent communication skills in English (spoken & written) and comfort communicating security risks and controls to technical and non-technical stakeholders.
• Experience with DevSecOps transformation is plus.

Academic Qualifications

• Bachelor’s degree in computer science or related discipline
• Industry certifications such as CISSP or Cybersecurity Subject Matter Expert.

Travel requirements

• On Demand (less than 10%)