Senior Cybersecurity Specialist - OT; Operations Technology - Houston, TX

Senior Cybersecurity Specialist - OT (Operations Technology)

Job
-73637

Location:

Houston, Texas, United States

• Delivers programs and processes to reduce information security risk and strengthen the organization's security posture to address complex security incidents.
• Provides guidance on escalated issues that require complex solutions, conducts critical analysis of project status, potential risks, and continual process improvement.
• Coordinates and performs maintenance to ensure reliable and secure performance of security systems, including applying security patches, implementing version upgrades, modifying, improving services, and performing ongoing operational management tasks.
• Ensures technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.
• Prepares and updates plans that identify security weaknesses and establishes milestones and compensatory controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation.
• Leads periodic monitoring of audit log occurrences and reports findings and concerns for further analysis and action, including breach notification and initiation of incident response, in accordance with protocols and procedures.
• Performs other duties as assigned.

• Bachelor's Degree in Computer Science, Information Technology, or equivalent relevant work experience.
• Master's Degree is a plus

• 5+ years of experience in Information Security, Cyber Security, or relevant roles.
• 3+ years of experience in incident responses, security monitoring, threat and vulnerability functions of an organization with a complex Information Technology environment.

• Strong technical understanding of OT security monitoring, threat and vulnerability, and incident response processes, procedures, guidelines, and solutions.
• Knowledge of OT network infrastructure, SCADA/DCS systems, data/communication systems, management systems, and security/compliance.
• Understanding of relevant cybersecurity regulations and best practices, pertinent to utility environments (such as NIST SP 800-53/82, NERC CIP, NEI 08-09, ISA 99, NIST CSF and C2M2).
• Deep understanding of operating systems, programming, networking, malware defenses, perimeter controls, security assessment, web applications, intrusion analysis, malware analysis and incident response.
• Understanding in network design, configuration, and maintenance with various hardware manufacturers; understanding PLC/DCS, server virtual machines and industrial network architectures and how to effectively support securing these technologies.
• Proficiency in cyber kill chain framework.
• Understands information security as it relates to the business and other areas of IT; understands direct impacts and risks to the business.
• Strong multi-tasking capabilities, exceptional skills to adjust to multiple demands, shifting priorities, ambiguity and rapid change as well as dealing efficiently with escalations and difficult situations/people under pressure e.g. to restore services.
• An overall understanding of the business objectives of service lines and Core Business Services departments.

• Demonstrated skills to collaborate across a diverse technical workforce in multiple locations, overseeing a full range of technology platforms and solutions as well as vendor personnel.
• Ability to coach staff; personal drive and energy level to achieve superior results individually and through others.
• Excellent communication skills and ability to convey technical concepts to a non-technical audience.

• Ability to participate in co‑operative working relationships including knowledge sharing and partnership in achieving solutions within and across business or operational functions.

• Professional certifications in Information Security (CISSP, CISM, CISA).
• Bilingual in English and Spanish.

• Professional certifications in Information Security (CISSP, CISM, CISA).
• Technical certifications (operations i.e. GCIA, GCIH, CEH, SSCP).

HYBRID:
Work a combination of onsite and remote days each week, typically 4 days per week onsite.

Starting salaries may vary based on factors such as relevant experience, qualifications, and education. This position is eligible for an annual performance‑based incentive (bonus) as well as merit‑based recognition.

Company benefits include health and welfare (medical, dental, vision), employer contributions to retirement benefits, life insurance, paid time off, tuition reimbursement, paid parental leave, and employee assistance programs.

Pay Range: $ - $ / year