The Cyber Security Architect oversees the cybersecurity aspects of the design and implementation of CSOC solutions and tools.
He/She reports directly to Core Assets CyberSecurity Engineering manager and functionally to SLB IT Chief Enterprise Architect.
Essential Responsibilities And Duties
- Architecting the CyberSecurity Enterprise landscape:
- Contributes to the Corporate cyber threat model and identifies relevant controls, considering the acceptable risk level defined with the VP for CyberSecurity.
- Owns the road map of security tools, processes and trainings that will implement the relevant controls
- Represents Cybersecurity in the architecture forums and at the various stages of Enterprise Solutions selection
- Contributes to Proofs of Concept and solutions evaluations
- Contributes to Formal Technical Reviews and solutions validations
- CyberSecurity on-boarding of the selected CyberSecurity solutions:
- Assesses the integration of the new solutions/tools into CyberSecurity standards and processes
- Secures the compliance of the implementation process, from the selection to the deployment (xAQP, 3 rd party vendor screening, SOC on-boarding …) for new solutions and products in scope.
- CyberSecurity documentation:
- Contributes to the creation and the maintenance of Cybersecurity standards and guidelines.
- Reviews and signs-off on the playbooks and other documentation associated to the solutions.
- Tech Watch: Performs Technology Watch to identify solutions and tools to support Schlumberger’s CyberSecurity Operations
Previous Experience And Competencies
- Master’s degree or equivalent experience in IT, Telecommunications, Computer Science or Engineering
- Membership and active participation in Eureka Security SIG
- Knowledge of different cloud technologies (IaaS, PaaS, SaaS)
- Knowledge of fundamental cybersecurity principles, new and emerging Information Technology (IT) and Cyber Security technologies.
- Knowledge of cyber threats, vulnerabilities, encryption algorithms, cryptography and cryptographic key management concepts.
- Knowledge of host/network access control mechanisms (using access control list, capabilities lists, firewall rules, GPO Policies etc), a network attack and the relationship between both threats and vulnerabilities.
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Knowledge of Incident response and handling methodologies, ITIL processes and experienced with the agile delivery.
- Highly Motivated Team Player
- Critical thinking with strategic mindset
- Ability to reconcile competing demands between conflicting interests and priorities
- Ability to work well with all levels of the company
- Strong interpersonal and communications skills
- Ability to work in a dynamic and rapidly changing environment
- Detail Oriented – Good Understanding of Security Operation Center
- Independent, resourceful and comfortable working in a highly paced environment
- Oil & Energy