Enable America Jobs

Company Overview:

People power our future. That is why advancing a dynamic, inclusive environment, where everyone grows and thrives is critically important to us.

Our ingenuity fuels daily life. Together, we’ve forged some of the most trusted partnerships across the energy value chain to make what was once just an idea a reality: laying subsea infrastructure thousands of feet below sea level, installing offshore platforms hundreds of miles from shore, and using our expertise to design and build offshore wind infrastructure.

For more than 100 years, we've been making the impossible possible. Today, we're driving the energy transition with more than 30,000 of the brightest minds across 54 countries.

Here, what you do matters.

Job Overview:

Establish role as a local presence and focal point for business and IT contact, and create the relationships. As the local Cyber management presence, the Principal IT Pillar Specialist will provide guidance and support for the area, build and establish a strong relationship with Local IT in the area offices to ensure both interests initiatives and needs are addressed, work with local management to understand any area of concern or upcoming needs for Cyber, and communicate Cyber initiatives and changes to local management and IT operations.

Key Tasks and Responsibilities:

• Assist with the review, identification, development, and implementation of effective security controls, processes, and policies to improve security posture and identify gaps in existing controls

• Serve as an internal trusted advisor providing security services, advice on security, and assist with compensating control alternatives where security requirements cannot be met

• Maintain awareness of emerging threats and technology to ensure there are adequate controls in place

• Assist in the analysis, design and development of an Information Security roadmap aligned with McDermott’s business strategies

• Assist with strategic goals and objectives for the department and provide written and verbal updates to senior IT and business leadership

• Assist with the review, identification, development, and implementation of effective security controls, processes, and policies to improve security posture and identify gaps in existing controls

• Assist with Cyber security awareness initiatives and events

• Assist with incident response planning and activities

• Review, analyze, design, and advise on security controls, configurations, and implementations for IT projects

• Continuously improve the integration and effectiveness of implemented technologies

• Maintain awareness of cybersecurity threats, events, tactics, techniques, and procedures (TTPs)

• Identify cybersecurity operations technology gaps, deficiencies, and recommend corrective actions

• Assist with the planning, testing, tracking, remediation for identified cybersecurity operational weaknesses

• Identify, create and mature cybersecurity operations processes

• Work with IT risk assessment function to ensure the proper security configurations and controls are implemented for IT projects

• Provide pros/cons of security solutions impact business strategies

• Create documentation of findings and recommendations (root cause and risk analysis as needed

• Assist with forensic investigations and incident response team (CIRT) activities

• Assign work to Cyber SOC for remediation

• Escalate pertinent findings in a timely manner

• Leverage vendors and internal resources to interface various security tools to automate critical response tasks

• Support Compliance managers in providing Cybersecurity artifacts

• Align information cybersecurity operations with NIST, and ISO 27001 requirements

Essential Qualifications and Education:

• Bachelor’s Degree in Information Technology (minimum) or equivalent experience and certifications7 or more years of experience working in Information Security or relevant IT technical roles with increasing responsibilityRequired Certification (1):CISSP, CISM, GSEC, or equivalent accepted cyber management certification

• Working knowledge of the following Information Security domains, 4 required, security operations mandatory

• Security Operations (Mandatory)

• Cloud Security

• Network Security

• Vulnerability and Threat Management

• Identity and Access Management (IAM)

• Database Security

• Application Security

• 5 or more years of experience in cyber / security operations

• 3 or more years of experience with security information and event management (SIEM) tools

• 3 or more years of experience with endpoint protection tools

• 3 or more years of experience working with threat intelligence feeds and IOCs

• 3 or more years of experience managing or delivering projects

• Security Certification (Security+, CASP+, SSCP, CISSP)

Preferred Qualifications and Education:

• Experience with cloud services and APIs

• Working knowledge of firewall, router, network switch, VOIP, and wireless architecture and operation

• Experience with forensic investigation experience

• Experience with security incident and investigation reports/briefings

• Experience with Active Directory

• Experience with Microsoft desktop and server operating systems

• Experience in a team-oriented, collaborative environment

• Strong analysis and problem-solving skills

• Strong oral and written communication skills

• Detail oriented in investigations and communications

• Able to handle confidential investigations with discretion

• Ability to multi-task and prioritize workload

• Familiarity with PowerShell, Python and/or SQL is a plus

• Familiarity with security orchestration, automation and response (SOAR) is a plus

#LI-FM1

#LI-Hybrid

McDermott is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, genetic information, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.