McDermott
Senior Cybersecurity Engineer (SOC)
McDermott, Houston, Texas, United States, 77246
Company Overview:
Our ingenuity fuels daily life. Together, we've forged some of the most trusted partnerships across the energy value chain to make what was once just an idea a reality: laying subsea infrastructure thousands of feet below sea level, installing platforms hundreds of miles from shore, using our expertise to design and build offshore wind infrastructure, and reshaping the onshore landscape to deliver the energy products the world needs safely and sustainably.

For more than 100 years, we've been making the impossible possible. Today, we're driving the energy transition with more than 30,000 of the brightest minds across 54 countries.

Job Overview:
- Manages and proactively assesses cybersecurity issues and threats, runs complex analyses on incidents, and uses in-depth research to inform the company's resolution process.
- Leads and oversees the investigation of the most complex and critical cybersecurity incidents and guides the team in the resolution process when necessary.
- Recommends and coordinates the development, enhancement, organization, and maintenance of cybersecurity solutions, processes and policies, including research and triage analysis.
- Manages resources and projects within cyber operations.
- Collaborates with peers to align cybersecurity operations practices globally.
- Assists in the analysis, design and development of an Information Security roadmap aligned with McDermott's business strategies.
- Assumes ownership of identified systems, controls and processes to provide proper oversight, management, and maintenance of them, and enhances and augments them as needed.
- Maintains awareness of emerging threats and technology to ensure adequate controls are in place.
- Continuously improves the integration and effectiveness of implemented technologies.
- Maintains awareness of cybersecurity threats, events, tactics, techniques, and procedures (TTPs).

Key Tasks and Responsibilities:
- Maintain consistency and SLAs for cyber operations delivery.
- Provide guidance and mentorship to resources.
- Assist with security awareness planning and delivery.
- Work with the IT risk assessment function to ensure the proper security configurations and controls are implemented for IT projects.
- Serve as an internal trusted advisor providing security services and advice on security, and assist with compensating control alternatives where security requirements cannot be met.
- Contribute to identification of strengths and weaknesses of security solutions impacting business strategies.
- Identify cybersecurity operations technology gaps and deficiencies, and recommend corrective actions.
- Create documentation of findings and recommendations (root cause and risk analysis) as needed.
- Assist with forensic investigations and incident response team (CIRT) activities.
- Assign work to the Cyber SOC for remediation.
- Respond to critical business-impacting events and coordinate the efforts required, including engaging the proper resources to remediate the issue.
- Coordinate major cybersecurity incident situations and provide internal communications via email in a timely fashion.
- Support Compliance managers in providing cybersecurity artifacts.
- Ensure alignment of information cybersecurity operations with NIST and ISO 27002 requirements.

Essential Qualifications and Education:
- Bachelor's Degree in Information Technology + 3 years of experience, or 7 years of direct security experience
- 7 or more years of experience working in Information Security
- Experience with cloud services and APIs
- Working knowledge of firewall, router, network switch, VOIP, and wireless architecture and operation
- Forensic investigation experience
- Experience with security incident and investigation reports/briefings
- Experience with Active Directory
- Experience with Microsoft desktop and server operating systems
- Experience in a team-oriented, collaborative environment
- Strong analysis and problem-solving skills
- Strong oral and written communication skills
- Detail oriented in investigations and communications
- Able to handle confidential investigations with discretion
- Ability to multi-task and prioritize workload
- Familiarity with PowerShell, Python and/or SQL is a plus
- Familiarity with security orchestration, automation and response (SOAR) is a plus
- Required Certification (1): Security+, CASP+, SSCP, CISSP or equivalent accepted cybersecurity certification

Working knowledge of the following Information Security domains (4 required; Security Operations mandatory):
- Security Operations (Mandatory)
- Cloud Security
- Network Security
- Vulnerability and Threat Management
- Identity and Access Management (IAM)
- Database Security
- Application Security

- 5 or more years of experience in security operations
- 3 or more years of experience with security information and event management (SIEM) tools
- 3 or more years of experience with endpoint protection tools
- 3 or more years of experience working with threat intelligence feeds and IOCs
- 3 or more years of experience managing or delivering projects