Cybersecurity Operations Center Senior Analyst
Sofia, BG, 6294
ContourGlobal develops, acquires, and operates power generation facilities with proven and cutting-edge energy technologies. We are an international high-growth company, founded in 2005, that has grown exponentially to own and operate a fleet of renewable and thermal assets, located in 20 countries across 4 continents. Wherever we operate, we are committed to the highest standards of health and safety, environmental and social responsibility, and our people’s well-being. Our longstanding ESG pledge includes becoming net-zero carbon by 2050.
The acquisition of ContourGlobal by the US private-equity fund KKR will enable us to greatly expand our portfolio, increase investment in the energy transition, and take advantage of new opportunities in our core markets. Our multinational, integrated team of almost 1500 people prides itself on our culture and values, and welcomes entrepreneurial, innovative, ambitious, and collaborative professionals to come join us.
JOB SUMMARY:
We are currently seeking a Cybersecurity Operations Center (CSOC) Senior Analyst to complete the CSOC team. The CSOC Senior Analyst reports to the Deputy Chief Information Security Officer and performs cybersecurity event monitoring and incident response, active defense, cybersecurity infrastructure operations support, and cybersecurity vulnerability/patch/configuration support activities.
KEY RESPONSIBILITIES:
- Perform cybersecurity event monitoring and incident response.
- Perform incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
- Support the CSOC team lead in preparing timely updates to business leaders on the occurrence, impact, and progress of incidents.
- Perform and report root cause analysis and execute action plans to remediate the root cause.
- Develop and implement CSOC operational procedures, e.g., incident response processes and procedures, cybersecurity infrastructure system administration.
- Support the planning and execution of training, drills, and tabletop exercises to maintain CSOC team readiness to respond to cybersecurity incidents and other operational activities.
- Support cybersecurity “hygiene” functions: vulnerability management and remediation, patch management, cybersecurity configuration management.
- Support the CSOC team lead in audit and compliance activities, e.g., furnish information relevant for audit activities, respond to audit findings and remediation tasks, receive and direct compliance issues to appropriate resources for investigation and resolution.
- Support the CSOC team lead in the development of cybersecurity operational level plans.
OTHER ACTIVITIES:
- Support the CISO in collecting and reporting cybersecurity operations KPIs, including cybersecurity event and incident metrics, to monitor and report cybersecurity operational effectiveness.
- Keep abreast of emerging cybersecurity operations trends and issues, and understand business-related cybersecurity risks and support requirements.
- Support the CSOC team lead in engaging technology, security, and business stakeholders to create awareness and alignment with cybersecurity operational needs.
- Support the development and conduct of the enterprise awareness and training program strategy.
COMMIT TO LEAD WITH OUR VALUES:
- Commit to CG values as expressed in the Essential Information. Model the values in any interaction internally and externally.
- Put Health and Safety First
- Embrace Timely Transparency
- Model the 3Cs – Communication, Collaboration and Coordination
- Embrace Failure analysis and continuous improvement including Five Whys
- Seek out ways to incorporate technology and Artificial Intelligence into the company’s legal practice
QUALIFICATION AND SKILLS:
- Minimum of 5 years in cybersecurity operations, ideally within the energy sector
- A degree in computer science, IT, systems engineering, or related qualification
- Proficient and experienced in cybersecurity incident management and response
- Experience with cybersecurity vulnerability, patch and configuration management processes
- Experience in security device management, cyber-attack detection and Security Incident & Event Management (SIEM) tools
- Knowledge of cybersecurity design and implementation practices, ideally within the Electric Utilities or similar industry sectors with critical infrastructure OT environments
- Experience with cybersecurity operations performance reporting
- Excellent communication skills
- Strong analytical and critical thinking skills
- Expertise with a wide variety of cybersecurity vendors and tools, and experience designing and managing vendor evaluation processes
- Knowledgeable about cyber attackers’ tactics, techniques and procedures (TTP)
- Team player, motivated to help others and comfortable giving and receiving feedback
- Flexible, resilient under pressure, and decisive, with a proven track record of delivering results to a high standard within tight deadlines
- Willingness to travel to company facilities as required (20%)
- Certified Information System Security Professional (CISSP) certification
- CMU courses: Incident Response (Lead) curriculum is desirable
- SANS courses: Blue Team, Purple Team, ICS, Forensics curriculum; Red & Blue Team Workshop is desirable
This position reports hierarchically to the Deputy Chief Information Security Officer.
ContourGlobal provides equal employment opportunities and maintains a diverse workforce that reflects the rich environment of the society we live in and the markets we operate in.