Senior OT Security Analyst
Noble Corporation · Houston, TX · 3 wk ago
HybridInformation TechnologyFull-time
About the role
The Senior OT Security Analyst will be responsible for implementing and maintaining security systems for both on-premises and cloud OT networks. This position requires a deep understanding of the organization's technology and OT systems, as well as expertise in security architectures and compliance with relevant standards.
Responsibilities
- Understand the organization's technology and OT systems.
- Design and research security architectures.
- Ensure compliance with Noble, customers, and regulatory standards in OT operations.
- Develop and approve requirements for network devices and installations.
- Test, maintain, and upgrade security systems as needed.
- Participate in disaster recovery and conduct security breach drills.
- Respond to security incidents and provide analysis.
- Guide the security team, promote awareness, and arrange ongoing education.
- Stay current on security systems, standards, protocols, and products.
- Establish secure system and application designs aligned with best practices.
- Advise on new initiatives to define and implement necessary security controls.
- Audit security risk and impact of organizational system changes.
- Identify opportunities to standardize and optimize the security stack, leveraging cloud capabilities.
- Maintain processes, standards, and policies for the implementation and maintenance of security architecture principles within projects.
- Support customer audits by preparing evidence and reviewing risk assessments for Noble’s rigs.
Qualifications
- Bachelor’s Degree or equivalent education in Computer Science, Information Systems, information Security or other Information Technology-related field.
- Additional certifications (CISSP, CASP+ or similar certification required).
- 7 years of related experience in technical security and engineering function, including hands-on experience in: GDPR, NIST 800-53, NIST 800-171, NIST CSF, IEC- 62443.
- Provide technical security architecture guidance and oversight to ensure increased security architecture maturity.
- Ability to travel 15 to 20% as needed.
- Knowledgeable and familiar with security risk assessments – both in evaluating and reviewing assessments conducted by the offshore team.
- Experience with conducting security audits based on standards, preferably IEC-62443.
- Articulate issues, risks, and proposed solutions to various levels of staff and management.
- Contribute to the development of the security strategy, policy and service delivery objectives and best- practices for the design and delivery of security architecture services.
- Manage multiple enterprise-wide programs simultaneously.
- Expected to work with employees from all areas of IT and maintain a good working relationship with them.
- Proficient with interacting with multiple levels and roles within the organization and shall have the ability to apply different strategies to convince others to change their opinions or plans.
- Proficient interpersonal skills with the ability to interact professionally with all levels within the organization.
- Demonstrated experience in implementing and managing at least 9 of the following security defenses: Intrusion detection and prevention systems, Endpoint monitoring, Data loss prevention, Firewalls, Security Information and Event Management, Network tabs, traffic aggregators and filters, Policies, standards, procedures and other forms of documentation, Cloud architecture, security controls, secure configuration, and deployment.
- A sound understanding of emerging threats and industry trends.