Contract: Cyber Security Assurance Engineer / Algeria

Cyber Security Assurance Engineer

The client is a joint venture composed of three partners; including 2 supermajors and the Algerian national oil and gas company, Sonatrach. In the joint venture, there are two major revenue and production sharing contracts, together they form the country's largest dry gas project.

Overview

As part of an ongoing project to upgrade the capability and security of the organization's IT infrastructure the client is looking for an experienced Cyber Security Assurance Engineer to join the team in Hassi Massaud, Algeria on a rotational contract assignment (28 days on, 28 days off).

The selected candidate will provide technical direction for the risk management and compliance functions within the Information Security team. This person will conduct activities ranging from policy, auditing, and risk analysis to overall risk mitigation with overall responsibility for all activities within the security compliance and risk management lifecycle.

These activities include:

• risk analysis,
• auditing,
• mitigation,
• governance
• & policy.

Duties & Responsibilities:

• Develop, update, and monitor compliance with information security policies designed to ensure the confidentiality, integrity, and availability of systems and data.
• Manage periodic independent security audits, i.e. ISO27001, ISO 9001, SSAE18
• Manage internal and client information security audits
• Technical risk and compliance assessment support
• Support design and implementation of data loss and/or identity management systems
• Support of operational activities e.g. operational review and analysis of access requests and/or data leakages to ensure compliance,
• Oversee periodic penetration tests and triage remediation for vulnerabilities identified
• Leads efforts in developing/improving process, procedures, and documentation for all aspects of security
• Work closely with key process owners to implement the agreed remediation actions
• Identify and recommend gaps and improvements to business processes

Candidate Requirements:

• Experience: 5+ years of IT administration and Security engineering experience
• Bachelor's degree in Computer Science or Information Technology
• Relevant security knowledge and experience in two or more of the following areas: Audit, compliance, risk management & GRC tools
• Firm understanding of networking basics, including TCP/IP, FW, Domains, Active Directory Management
• Windows System administration
• Working knowledge of at least one scripting language (Python and Shell preferred)
• Good understanding of security concepts, such as system hardening and vulnerability management and remediation
• Experience maintaining critical and high visibility services for stakeholders
• Policy configuration and implementation for networking and endpoint security controls
• Demonstrated experience helping an organization successfully complete independent compliance audits under SOX, etc.
• Well-versed in recognized security industry standards and leading practices, i.e. ISO, PCI, NIST, CIS, FedRamp,
• Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)
• CISSP or security-related certification is preferred