The Security Engineer’s role is to build and maintain networksecurity solutions for the Global Network Security organization. This includes developing secure networks, systems/projects, and handling technical problems that arise. Operationally, responsibilities include ensuring the enterprise networksecurity solutions are managed and operated effectively to include systems monitoring, health checks, metrics, and reporting. The Security Engineer works closely with the Information Protection and Compliance Organization, Network Team, and diverse IT and business teams to assist and coordinate the remediation efforts. Conducts continuous security analysis on network, application, and infrastructure components; and works across IT and business teams to develop solutions that address root causes. Also serves as a member of the Incident Response Team.
This position reports to the Global Security Operations Manager and is located at our North American Headquarters in Downtown Houston. The position offers a competitive base salary, bonus, 401K matching, generous benefits package, pension plan and employee discounts.
- Monitor the security of an organization’s network from threats originating from inside and outside the organization.
- Collect, and analyze data to make decisions and recommendations regarding security standards and controls.
- Conduct continuous analysis of securitythreat information (viruses, malicious code, industry events, hackers and zero day exploits, OEM weaknesses, IDS/IPS and SIEM alerting, etc.) in order to proactively assess and investigate emerging threats and potential impact to LyondellBasell.
- Implementing enterprise and Industrial Control systems security controls
- Ensure operational effectiveness of enterprise networksecurity solutions by development and monitoring of operational metrics and key performance indicators.
- Liaise with system and network administrators to assist with implementation and problem resolution for enterprise networksecurity solutions.
- Support relationship with Managed Security Services Provider for network monitoring and incident response services.
- Configure and install firewalls and intrusion detection systems.
- Manage firewall and intrusion detection systems policies.
- Assist in the investigation of intrusion incidents, forensic investigations, and incident response.
- Collaborate with colleagues on authentication, authorization, and other networksecurity solutions.
- Evaluate new technologies and processes that enhance security capabilities.
- Assist on changes in software, hardware, network, and telecommunications.
- Implement and execute LyondellBasell security standards and policies.
- Addressing security throughout the lifecycle of the architecture design from procurement to installation to maintenance to decommissioning.
- Bachelor’s Degree in Computer Science with 7 years of work experienceor 10+ years of relevant experience.
- 5+ years networking experience.
- Advanced oral and written communication skills.
- Hands on experience with multiple firewall vendors.
- Hands on experience with the design and implementation of perimeter tools such as web proxies and intrusion prevention systems.
- Strong knowledge of security protocols and design concepts.
- Experience with WAF, Load Balancing, and DNS/DDOS protection.
- Experience with large-scale IP networking and extensive knowledge of WAN technologies.
- Experience with IP routing protocols such as EIGRP, OSPF and BGP.
- Knowledge of encryption technologies (IPSec, SSL), and hot standby protocols HSRP and VRRP.
- Must be flexible and able to manage multiple tasks and priorities on very tight deadlines.
- Knowledge and experience with diverse IT architectures and enterprise IT data centers, cloud hosted services and cloud computing environments. Knowledge and experience with physical and virtual server configurations and implementations.
- Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines.
- Experience deploying security policies, procedures that apply specifically to the Industrial Control Systems ICS.
- Familiarity with specific ICS standards, NIST 800-82, API 1164, and Information Security standards Such as ISO/IEC 27002.
- Familiarity with IT process and quality frameworks such as ISO, COBIT, and ITIL.
- Familiarity with audit concepts (e.g. Sarbanes-Oxley 404, PCAOB Audit Standards, PCI, etc.)
- Able to work effectively in a matrix-management environment.
- Excellent interpersonal, analytical, organizational, and problem-solving skills.
- Must be a self-starter & team player with ability to work independently with limited supervision.