Network and Communication Security Specialist

Description

The Regional Network & Communication Information Security Specialist function is responsible for the operations that ensure the security of the network and communication services of the EMEA region. He/She has a special focus on the integration of the best practices from IT/Cybersecurity and OT Technologies into the daily operations of the Cement plants.

Under the supervision of the EMEA Network & Communications Supervisor, the EMEA Network & Communications Security Specialist is a key player in the IT/OT convergence project activities, and is responsible for providing L1/L2/L3 support to the network and communication security services.

Responsibilities

  • Assist and deploy policies within the IT/OT framework.
  • Actively participate in the delivery activities related to IT/OT convergence projects.
  • Isolate cement plants’ network from the office network, by implementing the so-called “bridge” firewalls and the different network segments as per the IT/OT Holcim Security Standard.
  • Keep industrial firewalls hardened and with the right level of automation and configuration; housekeeping the rulesets ensuring the maximum efficiency.
  • Provide periodic support to cement plant managers or local internal control teams on information sharing to fulfill Minimum Control Standards in the OT environment.
  • Create segmentation inside the OT networks, ensuring the availability of the automation network.
  • Provide top-notch technical expertise to monitor IT/OT networks for security threats or unauthorized users.
  • Be a key stakeholder to the security projects in the scope of the department.
  • Provide technical support to operational issues for both network and communication services
  • Automate the environment to proactively improve the delivery of the security services.
  • Deploy the relevant monitoring tools and have the correct mindset to ensure proactive corrections and fast incident resolution.
  • Leverage and maintain appropriate tools to ensure configuration management and capacity planning.
  • Ensure efficient collaboration with Delivery, Security, EUS, I&O and the rest of the IT Services teams.
  •  Ensure the consistent and up to date technology & security skills.
  • Work with external suppliers to source hardware and software solutions to network security issues.
  • Deploy, test and maintain security systems such as VPNs, firewalls and email security.
  • Ensure that current network system security is suitable for future requirements of Holcim.
  • Identify compromised machines and report on security measures taken to address threats.
  • Analyze security risks and develop response procedures.
  • Developing and testing software deployment tools, firewalls and intrusion detection/prevention systems.
  • Creating security documentation for users, assisting in disaster recovery and gathering evidence regarding cybercrimes.
  • Work proactively on root cause analysis, problem solving and standard operating procedures creation.
  • Conducting regular security audits and preparing security status reports.
  • Ensure the Service Level commitments are respected by monitoring the main KPIs.
  • Follow and enforce the security, internal control and standardization principles defined by the Group and regional teams.
  • Work on the efficient transfer of delivered services into the run organization (service introduction)

Position Requirements

  • Level of education/qualifications normally required:
    • Graduate degree in Computer Science, Engineering or related discipline with an IT focus
    • A professional industry certification; experience in networking systems, information technology, or network security is a must.
    • Advanced Professional certification in network domain ( CCNA, CCNP, CCSP) AWS Certified Advanced Networking is a plus.
  • Specific work experience:
    • Broad technical knowledge of IT with at least 6 years experience.
    •  Experience within IT/OT environments.
    • Well versed in multiple security technologies such as SIEM; Intrusion Detection Systems; Next Generation Firewalls; Deep Packet Inspection; Layer 7 filtering; Web Proxy/Content Filtering; PKI, Radius, Log Analysis, vulnerability management, etc.
    • Broad knowledge of business-impacting security scenarios and viable methods to detect these scenarios.
    • Experience working with 3rd party providers
    • Experience working on projects
    • Work experience in a related industry setting (cement, aggregate, ready-mix or other manufacturing industries) is a plus
    • Experience working with international teams is a plus
    • Experience with DevOps tools (Ansible, Terraform) is a plus.
  • Technical / functional skills:
    •  Deep understanding of running IT services in regards to technology and processes.
    • Knowledge of existing and emerging hardware and software technologies and IT architectures.
    •  Strong competency in developing efficient and effective solutions to diverse and complex business problems.
    •  Ability to implement IT security policies and governance.
    •  Deep knowledge of Cisco firewall technologies (ASA, Firepower).
    •  Deep knowledge of Network infrastructure (WAN / Internet, LAN / Wireless LAN, Perimeter Security, VPN) and related products, manufacturers and APIs
      •  Cisco
      • Meraki
      •  AWS
      •  Solarwinds
    •  Deep knowledge of proxy and web filtering solutions (Forcepoint specifically, Zscaler, Umbrella...)
    • Knowledge of DNS protocols and manufacturers (Infoblox, Route53, etc.)
    • Good understanding of incident, problem and change management processes and procedures as well as ticketing platforms
    • Proven analytical and troubleshooting abilities
  • Behavioral / managerial competencies:
    • Ability to communicate openly and effectively with IT management, Business Units management, with other IT managers, with staff, and with many diverse constituencies
    • Ability to work decisively under heavy workload considering the criticality, urgency and extended work hours required to ensure the availability of the service in accordance to service level commitments
    • High willingness to drive transformation and service improvement
    • Strong customer / end-user / client service orientation
    • Highly self-motivated and directed
    • Keen attention to detail
    • Capability for problem solving, decision making, sound judgment, assertiveness

Language Skills

  • Excellent English (written & spoken).
  • Other languages (Arabic, French etc.) in the EMEA region are a plus

Mobility requirements (time spent traveling internationally, nationally, etc.): 10%

Other Information

  • Value inclusion within the day to day responsibilities by respecting others’ perspectives and convictions, engaging others’ opinions, creating a safe environment where people, ideas and opinions are valued within the team / “internal” customers and external partners.
  • Respect and take into consideration diversity by valuing different world views, challenges and cultures that represent all walks of life and all backgrounds.
  • Is sensitive to how people, cultures and organizations function. Deals comfortably with organizational politics. Steer through the organizational maze to get things done.
  • Demonstrates positive thinking mindset, consistently identifying highlights.
  • Shows a can-do attitude in good and bad times and acts as a role model in terms of ethics and self awareness.
  • Ability to travel within the region for extended periods of time in a row (up to 10% in a year).
Apply for this job

*By applying to this job you expressly agree to the processing of all the above (personal) data, including any special categories of (personal) data entered by you or attached as a document, in accordance with the privacy policy of Holcim EMEA Digital Center. You have the right to request from us access to and rectification or erasure of your personal data or restriction of processing concerning you and to object to processing as well as the right to data portability in accordance with the EU General Data Protection Regulation. Click the Privacy policy to see the details.*