We're assisting our local employer, Patterson-UTI Energy, in seeking to fill the Sr. Cyber Security Analyst position.
Location: Houston, TX 77064
The Sr. Cyber Security Analyst will report to the Director of Enterprise Security and will be responsible for supporting the Company’s Information and Operational Technology (IT/OT) cybersecurity programs for its corporate networks and industrial process control systems. This position will identify and evaluate security risks within the organization and drive implementation of leading practices and solutions to mitigate exposures and manage cyber security risks.
- Develop, monitor, and maintain an enterprise cybersecurity practice aligned to the NIST Cyber Security Framework
- Implement and maintain security policies, standards, and procedures
- Collaborate with key stakeholders to scope and perform regular vulnerability assessments to evaluate cyber risks to the IT/OT environment
- Evaluate and implement cyber solutions and services required to manage risks to an acceptable level.
- Actively collaborate with key internal and external stakeholders, industry groups and law enforcement to understand threat landscape facing the organization.
- Administer ongoing cybersecurity education and awareness programs for employees and third parties
- Consult with IT and OT development and infrastructure teams to analyze business impact and exposure and establish standards based on emerging security threats, vulnerabilities, and risks.
- Manage internal and third-party providers conducting periodic assessments and network penetration exercises.
- Lead cross functional IT/OT security incident response team based on incident response plan
- Conduct, support and/or assist investigations into security incidents and remediation efforts
- Develop and report on smart cybersecurity metrics and key security indicators regularly
- Provide Subject Matter Expertise (SME) for security related issues and initiatives.
- Assist the Director of Enterprise Security with other duties as assigned or delegated.
- Deep knowledge and experience within the cybersecurity domain including cyber defense, threat and vulnerability management, advanced security analytics, data security, security operations and managed security services
- Solid understanding of emerging technologies in IT, Internet of Things, and Industrial Control Systems data platforms
- Assist in the development and execution of an enterprise security strategy complemented by policies, procedures, and tools to effectively manage cyber risks for the enterprise
- Strong written/verbal communication, complimented by presentation and interpersonal skills with the ability to establish effective rapport at all levels of the organization.
- Participate fully in all Health, Safety and Environment (HSE) initiatives and safety programs
- Perform other duties as assigned
Demonstrated ability in the following competencies:
- Build and Maintain Effective Relationships
- Develop Self and Others
- Technical and Business Acumen
- Drive for Results
- Customer focus
- Decision Quality
- Bachelor's degree in Computer Science, Management Information Systems, Engineering, or other relevant field; or equivalent combination of education and experience required.
- 6+ years of experience in network security engineering and support in an enterprise environment
- Experience with security gateways, vulnerability scanning tools, cloud-based authentication systems and CASBs
- Demonstrated, hands-on experience evaluating and deploying end-to-end cybersecurity technical solutions, including end point protection, SIEM, DLP, IdM, MFA, encryption, monitoring and similar solutions and technologies
- 5+ years of experience in designing, developing, implementing cyber programs and solutions, including education and awareness, security incident response plans and reporting of key performance indicators
- Experience supporting cybersecurity programs based on the NIST framework
- CISSP certification (preferred)
- Technical knowledge and understanding of process control systems and data acquisition and analytics platforms
- Experience architecting security infrastructure in cloud platforms
- Strong interpersonal, verbal, and written communication skills, with the ability to communicate effectively with all levels within the organization, both technical and non-technical
- Ability to lead technical discussions and projects in an organized manner
- 2 or more years of experience securing industrial process controls networks/systems
- Oil and gas or energy services industry experience
This position requires the person to be able to work in a time sensitive, high visibility role while maintaining a calm and professional demeanor when adversity is encountered. It also requires the physical ability to work in an office environment including the ability to sit for extended periods of time while performing office or computer tasks. It may also require extended travel and/or overnight stay(s) during variable hours (e.g., weekend(s), holiday(s), within and outside of Houston). The job may require some overtime including weekend or holidays. All applicants must be able to commit to a full-time schedule.