Sr Cybersecurity Analyst

Overview

The Sr Cybersecurity Analyst is responsible for monitoring and responding to security incidents, implementing robust security measures, and developing strategies to mitigate risks. The Sr Cybersecurity Analyst helps ensure the integrity, confidentiality, and availability of CB&I's information assets.

This position is an Individual Contributor role. The role directly reports to the Director of Cybersecurity and routinely interacts with Global IT, Project Management, Engineering, Legal, Risk Management, and Outsourced Cybersecurity vendors.

Responsibilities

• Assesses information risk and facilitates remediation of identified vulnerabilities with the CB&I network, systems and applications. Reports on findings and recommendations for corrective action.
• Performs vulnerability assessments as assigned utilizing IT security tools and methodologies.
• Performs assessments of the IT security / risk posture within the IT network, systems and software applications, in addition to assessments within the Vendor Management Program.
• Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios.
• Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings.
• Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications.
• Assists in all IT audits, IT risk assessments and regulatory compliance.
• Serve as project manager / lead within IT security projects.
• Promote awareness of applicable regulatory standards, upstream risks and industry best practices across CB&I.
• Act as a Tier 3 escalation point for security incidents and investigations.
• Manage and optimize security tools and platforms across the enterprise.
• Create, review, and troubleshoot Palo Alto Next-Gen Firewall rulesets.
• Administer and monitor CrowdStrike EDR and Proofpoint Email Security solutions.
• Operate and fine-tune SIEM platforms, including alert use case creation and optimization.
• Leverage Microsoft Cloud Security Tools (Defender for Endpoint, Defender for Identity, Purview, etc.) to secure cloud environments.
• Lead the Vulnerability Management program, including scanning, prioritization, remediation coordination, and reporting.
• Collaborate with and delegate tasks to MSSPs, ensuring SLAs and quality standards are met.
• Develop and maintain security documentation, runbooks, and incident response procedures.
• Stay current with emerging threats, vulnerabilities, and regulatory requirements.

Qualifications

CompTIA Security+, CySA+

Palo Alto Networks firewalls (ruleset creation, troubleshooting)

Skills and Behaviors

Threat intelligence platforms (TIPs)

J-18808-Ljbffr