Sr. Information Security Analyst (IT/OT) - Full Time - Houston in Houston, TX at Vaco

Date Posted: 11/22/2019

Job Snapshot

Job Description

Vaco has a client in Houston, TX looking for a Sr. Information Security Architect to join their team full time. This role will be responsible for supporting the Company's Information and Operational Technology (IT/OT) cybersecurity programs for its corporate networks and industrial process control systems. This position will identify and evaluate security risks within the organization and drive implementation of leading practices and solutions to mitigate exposures and adequately manage cyber security risks.

Detailed Description:

  • Develop, monitor and maintain an enterprise cybersecurity practice aligned to the NIST Cyber Security Framework
  • Draft, implement, and maintain IT/OT security policies, standards, and procedures
  • Collaborate with key stakeholders to scope and perform regular vulnerability assessments to evaluate cyber risks to the IT/OT environment
  • Evaluate and implement cyber solutions and services required to manage risks
  • Participate and actively collaborate with key internal and external stakeholders, industry groups and law enforcement to understand threats and leading practices
  • Administer ongoing cybersecurity education and awareness programs for employees and 3rd parties
  • Consult with IT and OT development and infrastructure teams to analyze business impact and exposure and establish standards based on emerging security threats, vulnerabilities and risks.
  • Manage internal and 3rd party providers conducting periodic assessments and network penetration tests
  • Lead cross functional IT/OT security incident response team based on incident response plan
  • Conduct, support and/or assist investigations into security incidents and recovery efforts
  • Develop and report on cybersecurity metrics and key security, risk, and compliance indicators
  • Provide Subject Matter Expertise (SME) for security related issues and initiatives.
  • Assist the Director of Enterprise Security with other duties as assigned or delegated.



Job Requirements

  • Deep knowledge and experience within the cybersecurity domain including cyber defense, threat and vulnerability management, advanced security analytics, data security, identity management, security operations and managed security services
  • Solid understanding of emerging technologies in IT such as a Cloud Platform, Internet of Things and Industrial Control Systems data platforms
  • Assist in establishing an enterprise security strategy complemented by the required policies, procedures and tools to effectively manage cyber risks in the enterprise
  • Strong written/verbal communication, presentation and interpersonal skills with the ability to establish effective rapport with all levels of employees and provide professional customer services


Minimum Qualifications:

  • Bachelor's degree in Computer Science, Management Information Systems, Engineering, or other relevant field; or equivalent combination of education and experience required.
  • 5+ years of experience in network security engineering and support in an enterprise environment
  • Experience with security gateways, vulnerability scanning tools, cloud-based authentication systems and CASBs
  • Demonstrated, hands-on experience evaluating and deploying end-to-end cybersecurity technical solutions, including end point protection, SIEM, DLP, IdM, MFA, encryption, monitoring and similar solutions and technologies
  • 5+ years of experience in designing, developing, implementing cyber programs and solutions, including education and awareness, security incident response plans and reporting of key performance indicators


Preferred Qualifications:

  • CISSP certification (NOT REQUIRED)
  • Experience supporting cybersecurity programs based on the NIST framework
  • Technical knowledge and understanding of process control systems and data acquisition and analytics platforms
  • Experience architecting security infrastructure in cloud platforms
  • Strong interpersonal, verbal, and written communication skills, with the ability to communicate effectively with all levels within the organization, both technical and non-technical
  • Ability to lead technical discussions and projects in an organized manner
  • 2 or more years of experience securing industrial process controls networks/systems
  • Oil and gas or energy services industry experience
US Citizens and those authorized to work in the US are encouraged to apply. Our client is unable to sponsor or transfer visas at this time. Local candidates preferred.