Description:
The Cyber Security Specialist will ensure to minimise the risk for CRH, both monetary and reputational, due to potential cyber security threats.
It is a pivotal role as it requires daily engagements between GIS (Group Information Security), OpCos (Operating Companies) and vendors who are supporting our security systems. The role will protect the organisation’s critical assets against any kind of cyber threat. Its purpose is to avoid, resist and respond to probable threats. This individual is also responsible for the ensuring successful remediation of technology vulnerabilities which could be exploited by an internal or external actor to gain unauthorized access to computer systems and data. Responsible for the validation of remediation steps taken to minimise threats, which have been mitigated by the IT Ops Teams.
Key Tasks And Responsibilities
In this role, you will be:
- Responsible for owning an area of Europe and the Operating Companies within that to build relationships to identify security issues & risks, and develop mitigation plans
- Able to write accurate and concise reports
- Involved in developing and implementing security baselines and hardening procedures for servers, databases, and network devices
- Working with existing and new security solutions such as End-Point Protection, Firewalls, Encryption, Proxy, SIEM
- Developing, improving & Enforcing security policies and procedures
- Responsible for reviewing security violation reports and investigates possible security exceptions
- Updating, maintaining and documenting security controls
- Participating in security operations support - Following up on information security related incidents
- Performing Patch & Vulnerability Management (Qualys)
- Identifying and advising on external risk (Bitsight)
- Participating in projects
- Consistently implementing security solutions at the business unit level
- Testing new security measures
- Advising and training colleagues
Travel expectations: Limited travel (10-20%) is expected in this role – must be free to travel worldwide
Key Functional Competencies
You Possess The Following
- Drive and energy to achieve desired results
- Strong IT skills and knowledge including hardware, software and networks
- Meticulous attention to detail
- Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems
- Ability to identify the best course of action based on the risk
- Adaptability
Experience / Education
You are/have:
- Fluency in both speaking and writing English
- Third Level qualification (or equivalent) in information technology, Information Security or Engineering
- CISSP, CCSP, GCIH, GIAC (SANS), CCNP, Splunk certificates and / or other relevant security/Network type engineering certifications
- Experience of analysis and correlation toolsets. Including data extraction and manipulation for reporting and investigation purposes
- Experience of hardening and applying modern security standards across servers, workstations, SaaS-based solutions and network equipment
- Experience of administering enterprise endpoint and network security tools and platforms across enterprise networks consisting of Windows, OSX, and Linux endpoints
- Administration of Networking, and/or Linux & Windows environments would be advantageous
- Experience with Microsoft Azure Security Tools would be beneficial
- Knowledge of NIST 2.0 CSF would be beneficial