Seargin is a global leader in tech innovation, partnering with top-tier clients to deliver the best solutions. We are currently looking for an experienced CSC Security Officer to join our remote team for a Construction Technology company.
The IT Security Officer - Cybersecurity Center (CSC) helps deliver on the vision of Global IT Security Management and is accountable for delivering effective & scalable detection and response capabilities within the Company security strategy. The role will work to improve the IT Security posture and reduce identified cybersecurity risks by working as part of a global team, and in close alignment with regional security teams.
Must-Have Requirements :
- Graduate degree in Business or Management; Bachelor’s degree in Computer Science, Engineering, or related discipline with an IT focus.
- Certifications (CISSP, OSCP, Certified Ethical Hacker (C|EH), GIAC, CREST, CISA) would be an asset.
Specific work experience :
- 5+ years of experience in IT Security.
- Experience working in a global environment and with virtual teams.
- Demonstrable experience performing a senior role in a SOC environment or similar, with a focus on cyber security incident detection, response and resolution. Experience leading major security incidents in complex organizations would be a plus.
- Broad technical security knowledge of IT services, technology and IT solutions. Specific experience in one or more of the following :
  - Network Security
  - System / Infrastructure Security
  - Industrial Control Technology (ICT / OT) Security
- Strong understanding of security operations, engineering and toolsets used for detection and response, including threat intelligence, SIEM, SOAR and other technologies / platforms, with a focus on process automation.
- Technology advocate and proficient in project / service management concepts and common tools.
- Confidence in owning a relationship with multiple third parties.
Technical / functional skills :
- Knowledge of modern attacker tactics, techniques, and procedures, and great awareness of cybersecurity trends.
- Ability to drive innovative ways to detect vulnerabilities and exploit activity, and neutralize them through advanced technological countermeasures.
- Experience in creating BAU runbooks, use-case definitions and operating procedures.
- Experience in the use of security frameworks and methodologies such as MITRE ATT&CK, MaGMa, TaHiTI or NIST.
- Experience with managing threats associated with cloud platforms (AWS, Google) and artifacts (code, containers, hardware devices, infrastructure).
- Deep knowledge in application and infrastructure security, as well as security fundamentals (IAM, Data Protection, PKI, Network Security).
- Strong attention to detail with an analytical mind and outstanding problem-solving skills, especially in performing tasks such as log analysis.
- Ability to conduct deep technical research into issues and products.
- Strong reporting, dashboarding and communication skills; ability to write or present actionable intelligence derived from raw data for IT and Non-IT stakeholders.
- Expertise across a number of the following areas / tools : Google scripting, ServiceNow, JIRA, Splunk, QRadar, Kali Linux, NMAP, Burp, Reverse engineering, Digital Forensics.
Nice-to-Have Requirements :
- Ability to deal with difficult situations, unclear priorities and blocking stakeholders.
- Ability to communicate openly and effectively with many diverse constituencies and stakeholders.
- Ability to work decisively under heavy workload.
- Cultural sensitivity and social flexibility in a global corporate environment.
- High willingness to drive transformation and service improvement.
- Strong customer / end-user / client service orientation.
- Highly self-motivated and directed.
- Keen attention to detail.
- Capability for problem solving, decision making, sound judgment, assertiveness.
Leadership and managerial abilities :
- Ability to champion new initiatives and technologies – “Change Leader”
- Strong relationship building and interpersonal skills.
Linguistic skills :
- Excellent English (written & spoken) - other languages are a plus.
Mobility requirements :
MAIN ACTIVITIES / RESPONSIBILITIES
- Ensure CSC tools and services are effectively utilized and operated, identify gaps in process or procedures and implement new solutions accordingly.
- Ensure incident identification, assessment, reporting, communication, mitigation and monitoring.
- Establish operational foundations, defining and tracking SLAs, metrics, and KPIs to drive governance, quality, and efficiency.
- Creation of reports, dashboards, metrics for CSC and regular reporting to Senior Leadership and other technical and non-technical stakeholders.
- Drive the continuous integration of standard and non-standard log sources in security monitoring and detection tools as a means to achieve excellence in detection and response.
- Lead the definition and development of use cases, playbooks, policies and custom tooling to continuously improve security maturity.
- Develop and enhance incident response processes, to detect and effectively respond to information security events and incidents.
- Influence and mature CSC processes through innovation and operational change.
- Ensure detection, escalation and response services are available 24 / 7. As security incidents may occur at all hours and across geographies, this role will be part of the cross-functional team responsible for driving urgent security response in crisis scenarios.
- Work effectively as part of a geographically distributed organization to run a high-performing global detection and response service, coordinating the different teams and service providers involved.
- Stay abreast of industry trends and the changing threat landscape, review technologies / services and make recommendations.