Worley
To provide expertise and guidance in establishing, implementing, and communicating technical security policies and constructively assisting various business functions to pragmatically embed security within all Worley initiatives. This role will understand the business strategy, departmental goals and translate security objectives into an architectural approach.
Responsibilities
- Start all planning and architecture process with strict adherence to Worley principles.
- Responsible for pragmatically embedding Worley’s Information security Policies, guidelines and standards across all platforms and services.
- Engage with enterprise architecture team to ensure security is a part of all architectural standards and processes.
- Define methodology, conduct architecture security assessments, and address any findings by supporting solution implementation to produce DevSecOps platforms that includes people, process, and technology operating models.
- Establish Automated Security within CI/CD pipelines.
- Take ownership of security issues cleanup within legacy application and achieve pragmatic and measurable objectives.
- Develop Project Initiation Document, requirements; collaborate with stakeholders and project resources and support vendor & equipment selection.
- Partner with relevant I&DD pillars to develop and document security governance framework for projects and establish Platform/infrastructure Threat modelling technology and processes.
- Identify and effectively communicate architectural vulnerabilities with supporting risk statements and realistic mitigation options to stakeholders.
- Work with the Information Security Team and other I&DD pillars to improve efficiencies within security operations, monitoring, and governance by leveraging existing capabilities or by introducing new capabilities.
- Socialize security policy, standards, and guardrails across relevant areas of the organization – empowering and educating people to build secure and compliant systems.
- Support Cybersecurity operations team during and after security incidents and develop mitigation plan to avoid future occurrences.
- Assisting internal stakeholders to understand not just the technology aspects of security but to balance these with people and process aspects to create a coherent overall approach.
What You Will Bring
Technical and Industry Experience:
- 5+ years’ experience with ISO27001, NIST CSF, ACSC Essential Eight Maturity Model, TOGAF/SABSA or equivalent practical experience with enterprise architecture and ITIL; ideally in the delivery of global IT services
- 5+ years’ experience of designing and delivering large scale solutions with demonstrated security expertise.
- 5+ years’ experience with development and publishing of security policies, standards, processes, and procedures for global IT architectures.
- 5+ years’ experience in an IT security management practices
- 5+ years’ proven analytical and troubleshooting skills in prior roles
- Experience in OT and IoT environments highly desired
- Advanced user in MS Office applications and MS SharePoint
- Advanced knowledge of frameworks including NIST, Essential 8 and ISO27001
- Advanced awareness of full technology stack
- This role will be a senior security services role and will require a mature approach to managing both peers and upline management. It is expected that interpersonal skills will be of a high standard
- Exceptional attention to detail, a natural collaborator with internal departments; and external third-party vendors
- Ability to prioritize workload and manage expectations under pressure
- Excellent written, oral and presentation communication skill
- Ability to work and/or manage globally dispersed virtual teams across several IT Services disciplines
- Excellent negotiation and facilitation skills, a natural relationship builder, lateral thinker
- Ability to work in a fast-paced unstructured customer-centric environment and deliver immediate value
Required
Education – Qualifications, Accreditation, Training:
- Degree qualified in IT with software development background
- CISSP (Certified Information Systems Security Professional) qualification mandatory
Preferred
- TOGAF/SABSA certification desirable
- ITIL qualification highly desirable, experience mandatory
Flexible Working Arrangements
- This is a global role and will require flexibility to work across multiple time zones.
What we offer you
Providing an agile culture and challenging work opportunities results in a positive work environment. Our people enjoy competitive compensation packages and a fun, personal, collaborative and safe working environment. We value equal employment opportunity and are committed to promoting fairness, equality and diversity.
Our policy is to conduct background checks for all candidates who accept an offer of employment with us. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
If you have the passion and talent to keep up, it’s time to test the limits of what you can become. Find your future with Worley.
Company
Worley
Primary Location
USA-TX-Houston
Other Locations
MYS-SB-Kota Kinabalu, IND-KR-Bangalore, USA-GA-Atlanta, IND-TN-Chennai, MYS-ML-Melaka, ARE-DUB-Dubai City, BHR-CAP-Manama, USA-LA-Baton Rouge, MYS-PH-Kuantan, USA-CA-Monrovia, CAN-ON-Toronto, USA-PA-Reading, IND-MM-Mumbai, AUS-QLD-Brisbane, AUS-VIC-Melbourne, USA-CO-Denver, CAN-AB-Calgary, IND-AP-Hyderabad, MYS-KL-Kuala Lumpur, MYS-SR-Bintulu, CAN-BC-Vancouver
Job
Strategy & Architecture
Schedule
Full-time
Employment Type
Employee
Job Level
Manager
Job Posting
Aug 5, 2022
Unposting Date
Sep 5, 2022
Reporting Manager Title
Director, Global Security Engineering and Architecture
To apply for this job please visit worleyparsons.taleo.net.