Specialist, Cybersecurity - Defense Controls

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 8-10 years of Infrastructure Security including vulnerability management
• 5 years of cloud cybersecurity controls management
• 5 years of IAM controls management
• Strong knowledge of modern vulnerability, cloud, and infrastructure cybersecurity tools and platforms
• Understanding of modern data protection technologies
• IT/OT Cyber Security technical expert on existing IT/OT Cyber Security solutions and perform assessment on systems, processes and standards to define and/or endorse changes.
• Knowledge of IT Security and infrastructure technologies.
• Process driven.
• Knowledgeable about policies, procedures, systems and best practices in the IT / OT Industry
• Strong planning skills
• Strong quantitative and analytical skills
• Ability to work effectively in virtual teams
• Strong communication skills
• Applicants must be currently authorized to work for SABIC in the United States on a full-time basis.

Responsibilities

• Oversee all identity lifecycle services and capabilities delivered internally or via managed service providers, including human and non-human identities, service accounts, secrets governance, and machine identity controls.
• Ensure all organizational needs for identities, identity management, and access management are delivered.
• Act as the focal point for escalating any IAM operational issues delivered via internal teams or 3rd-parties.
• Address any gaps or findings related to IAM services by internal or external audit or assessment teams.
• Manage projects and implementation of any required identity and access management tools, technologies, services, or integrations.
• Responsible for compliance to identity and access management related internal policies and standards, and external regulations.
• Oversee all access governance, PAM, JIT, MFA, SoD, access reviews, and audit-support services and capabilities delivered internally or via managed service providers.
• Govern, enable, manage, and maintain operational services for provisioning and deprovisioning of all identities.
• Govern, enable, manage, and maintain operational services for access management, including privileged access, just-in-time access, and supporting controls such as multi-factor authentication, role-based access, and conditional access.
• Enforce regulatory requirements for IT and OT systems.
• Enforce separation-of-duties.
• Support incident response and legal action requests, such as providing access logs.
• Enable and facilitate access reviews.
• Define and maintain cybersecurity operational processes for asset inventories for IT and OT environments.
• Govern cybersecurity asset inventory, ensuring it accurately reflects the operational environment and contains all needed information to enable the cybersecurity teams and services.
• Define assess identification scanning and vulnerability assessment scanning, vulnerability prioritization, and vulnerability remediation standards.
• Oversee vulnerability assessment process, ensuring scanning is aligned to cybersecurity policies and standards.
• Communicate vulnerability findings to asset owners and track remediation aligned to policies, standards, and enterprise risk management guidelines, escalating as needed per policies and processes.
• Define and maintain secure hardening baselines and cybersecurity operational control processes for hardening and securing cloud assets and on-premises infrastructure across IT and OT environments.
• Ensure all mandatory cybersecurity controls and services are implemented and operating as designed, achieving all cybersecurity control objectives, for controls related to identify and protect functions for cloud, infrastructure, and data.
• Ensure cloud, infrastructure, and data cybersecurity controls and associated tools and platforms are enabled to log and provide control telemetry to be integrated with SIEM and SOC services.
• Oversee remediation and correction of any KPI or SLA misses related to defensive/protective cybersecurity controls.
• Communicate cybersecurity control operational performance status to stakeholders, and via operational performance dashboards.
• Service delivery manager providing oversight of managed services providers who operationally deliver and manage cybersecurity controls for cloud, network, and endpoints.
• Coordinates with other cybersecurity roles to ensure cloud and on-premises infrastructure assets are appropriately covered by backups with integrity testing and assurable recovery.
• Develop operational processes and standards for data encryption and data loss prevention (DLP) controls.
• Govern operational implementation and policy and standard adherence for data-related protection controls across IT and OT environments.
• Define and maintain data classification guidelines in coordination with Legal teams.
• Develop and maintain DLP detection use cases and rules and implement them within DLP platforms and services.
• Coordinates with other cybersecurity roles to ensure data assets are appropriately covered by backups with integrity testing and assurable recovery
• Support shaping the Cyber Security Strategy and roadmap via feedback regarding identity and protect controls for IAM, cloud, infrastructure, and data protection
• Manages control implementation and improvements projects in the area of IAM, cloud, infrastructure, and data cybersecurity controls and capabilities, following the organization's project management and project execution processes
• Support projects to enable identities and access management integrations, processes, and workflows across IT and OT solutions
• Coordinate with cybersecurity Assurance role to incorporate any findings and lessons learned into cybersecurity control optimizations and improvements

Benefits

• excellent health and well-being benefits
• comprehensive learning programs