Location: Houston, Texas, US
Job Skill Group: Information Technology
Date: Mar 20, 2022
ABOUT HESS CORPORATION
Hess is a leading international independent energy company engaged in the exploration and production of crude oil and natural gas.
We have an industry leading position in the Bakken in North Dakota – a key U.S. shale play. Hess is also one of the largest producers in the deepwater Gulf of Mexico and a key natural gas producer and supplier to Peninsular Malaysia and Thailand. The company is engaged in exploration and appraisal activities offshore Guyana, participating in one of the industry’s largest oil discoveries in the past decade, as well as the Gulf of Mexico, Suriname and Nova Scotia.
Hess aims to attract, retain and energize the best people by investing in their professional development and providing them with challenging and rewarding opportunities for personal growth. We are always looking for talented professionals who share our values and are passionate about making a difference in the world and in their careers. We strive to meet the highest standards of corporate citizenship by protecting the health and safety of our employees, safeguarding the environment and creating a long-lasting, positive impact on the communities where we do business.
For more information about Hess Corporation, please visit our website at Hess.com.
POSITION SUMMARY
This member of the Hess Cybersecurity team works cross-organizationally with IT and other business organizations and focuses on the security architecture and operations, ensuring effective security controls to protect, detect, and respond to cybersecurity incidents are designed, implemented, and maintained.
This role directly interfaces with IT Business Liaisons, Service Providers, Enterprise Architecture, Technology and Infrastructure Teams, product vendors, Internal and External Audit, and the Project Management Office.
Successful applicants for this position must be fully vaccinated against COVID-19 as a condition of employment.
ROLES & RESPONSIBILITIES
- Develops and maintains the cybersecurity architecture process
- Participates in the creation of cybersecurity strategy plans and roadmaps
- Develops and maintains cybersecurity architecture artifacts that can be used to leverage security capabilities in projects and operations
- Tracks developments and changes in the digital business and threat landscape to ensure risks are addressed in security strategy plans and architecture artifacts
- Reviews and recommend improvements for cybersecurity operational and tools procedures and playbooks
- Monitors and improves activities related to the cybersecurity incident response, security tools, and security operation teams
- Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks
- Validates security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs, and anti-malware/endpoint protection systems
- Conducts or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application
- Ensures a complete, accurate, and valid inventory of all systems, infrastructure, and applications that should be logged by the security information and event management (SIEM) or log management tool
- Reviews network segmentation to ensure the least privilege for network access
- Supports the testing and validation of security controls, as directed by the CISO
- Reviews security technologies, tools and services, and recommends solutions to improve security posture
- Evaluate exceptions to cybersecurity policies and standards
- Define baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and other technologies
- Drafts security standards, procedures, specifications, and guidelines
- Participates in application and infrastructure projects to provide security advice
- Servers as an Incident Response Commander, as required.
QUALIFICATIONS
Experience
- Minimum of three (3) years IT Security Architecture and/or Security Operations Management
- Working knowledge of managing security infrastructure and tools — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology
- Experience designing the deployment of applications and infrastructure into public cloud services.
- Full-stack knowledge of IT infrastructure:
- Operating systems — Windows
- Hypervisors – VMWare
- IP networks — WAN and LAN
- Storage networks
- Databases
- Applications
- Containers/Kubernetes
- Working knowledge of NIST Cybersecurity Framework (CSF), NIST 800-53, NIST 800-82, and CIS.
Education, Training & Certifications
- Bachelor’s or equivalent experience in computer science, information systems, cybersecurity, or a related field
- One or more of the following (or comparable) certifications: CISSP, CISA, CISM, CCSP
- Optional Certifications: PMP, CSM, GSTRT, GPGM
Behavioral Expectations:
- Effectively build trusted relationships
- Effective communication and interpersonal skills
- Ability to lead structured meetings with Leadership members
- Ability to work independently with minimal supervision or with a larger team
- Ability to quickly adapt to new work processes, procedures, and/or requirements
- Ability to think critically and strategically
- Ability to identify inefficiencies and seek creative, workable solutions
- Ability to set priorities, determine actionable steps and deliver the expected result
- Ability to handle multiple tasks and manage deadlines
- Highly motivated and self-starter
Competencies
The Hess Way of Working refers to competencies considered absolute pre-requisites for success. How you deliver results is as important as what you achieve. Every employee is expected to demonstrate the behaviors within these competencies to be considered an effective performer and, ultimately, earn career growth opportunities.
- Builds Trusted Relationships
- Develops Talent
- Creates Effective Teams
- Thinks Strategically
- Inspires Innovation
- Demonstrates Courage
- Drives Continuous Improvement
- Makes Quality Decisions
- Delivers High Performance
Posting Notes: Lisa B Willet | Employee | Information Technology | United States| Texas | Houston | | | | | No | 25973
More Information
- Address Houston, TX, USA
- Salary Offer $50.000 ~ $100.000
- Experience Level Senior
- Total Years Experience 0-5