The Regional Network & Communication Information Security Specialist function is responsible for the operations that ensure the security of the network and communication services of the EMEA region. He/She has a special focus on the integration of the best practices from IT/Cybersecurity and OT Technologies into the daily operations of the Cement plants.
Under the supervision of the EMEA Network & Communications Supervisor, the EMEA Network & Communications Security Specialist is a key player in the IT/OT convergence project activities, and is responsible for providing L1/L2/L3 support to the network and communication security services.
- Assist and deploy policies within the IT/OT framework.
- Actively participate in the delivery activities related to IT/OT convergence projects.
- Isolate cement plants’ network from the office network, by implementing the so-called “bridge” firewalls and the different network segments as per the IT/OT Holcim Security Standard.
- Keep industrial firewalls hardened and with the right level of automation and configuration; housekeeping the rulesets ensuring the maximum efficiency.
- Provide periodic support to cement plant managers or local internal control teams on information sharing to fulfill Minimum Control Standards in the OT environment.
- Create segmentation inside the OT networks, ensuring the availability of the automation network.
- Provide top-notch technical expertise to monitor IT/OT networks for security threats or unauthorized users.
- Be a key stakeholder to the security projects in the scope of the department.
- Provide technical support to operational issues for both network and communication services
- Automate the environment to proactively improve the delivery of the security services.
- Deploy the relevant monitoring tools and have the correct mindset to ensure proactive corrections and fast incident resolution.
- Leverage and maintain appropriate tools to ensure configuration management and capacity planning.
- Ensure efficient collaboration with Delivery, Security, EUS, I&O and the rest of the IT Services teams.
- Ensure the consistent and up to date technology & security skills.
- Work with external suppliers to source hardware and software solutions to network security issues.
- Deploy, test and maintain security systems such as VPNs, firewalls and email security.
- Ensure that current network system security is suitable for future requirements of Holcim.
- Identify compromised machines and report on security measures taken to address threats.
- Analyze security risks and develop response procedures.
- Developing and testing software deployment tools, firewalls and intrusion detection/prevention systems.
- Creating security documentation for users, assisting in disaster recovery and gathering evidence regarding cybercrimes.
- Work proactively on root cause analysis, problem solving and standard operating procedures creation.
- Conducting regular security audits and preparing security status reports.
- Ensure the Service Level commitments are respected by monitoring the main KPIs.
- Follow and enforce the security, internal control and standardization principles defined by the Group and regional teams.
- Work on the efficient transfer of delivered services into the run organization (service introduction)
- Level of education/qualifications normally required:
- Graduate degree in Computer Science, Engineering or related discipline with an IT focus
- A professional industry certification; experience in networking systems, information technology, or network security is a must.
- Advanced Professional certification in network domain ( CCNA, CCNP, CCSP) AWS Certified Advanced Networking is a plus.
- Specific work experience:
- Broad technical knowledge of IT with at least 6 years experience.
- Experience within IT/OT environments.
- Well versed in multiple security technologies such as SIEM; Intrusion Detection Systems; Next Generation Firewalls; Deep Packet Inspection; Layer 7 filtering; Web Proxy/Content Filtering; PKI, Radius, Log Analysis, vulnerability management, etc.
- Broad knowledge of business-impacting security scenarios and viable methods to detect these scenarios.
- Experience working with 3rd party providers
- Experience working on projects
- Work experience in a related industry setting (cement, aggregate, ready-mix or other manufacturing industries) is a plus
- Experience working with international teams is a plus
- Experience with DevOps tools (Ansible, Terraform) is a plus.
- Technical / functional skills:
- Deep understanding of running IT services in regards to technology and processes.
- Knowledge of existing and emerging hardware and software technologies and IT architectures.
- Strong competency in developing efficient and effective solutions to diverse and complex business problems.
- Ability to implement IT security policies and governance.
- Deep knowledge of Cisco firewall technologies (ASA, Firepower).
- Deep knowledge of Network infrastructure (WAN / Internet, LAN / Wireless LAN, Perimeter Security, VPN) and related products, manufacturers and APIs
- Deep knowledge of proxy and web filtering solutions (Forcepoint specifically, Zscaler, Umbrella...)
- Knowledge of DNS protocols and manufacturers (Infoblox, Route53, etc.)
- Good understanding of incident, problem and change management processes and procedures as well as ticketing platforms
- Proven analytical and troubleshooting abilities
- Behavioral / managerial competencies:
- Ability to communicate openly and effectively with IT management, Business Units management, with other IT managers, with staff, and with many diverse constituencies
- Ability to work decisively under heavy workload considering the criticality, urgency and extended work hours required to ensure the availability of the service in accordance to service level commitments
- High willingness to drive transformation and service improvement
- Strong customer / end-user / client service orientation
- Highly self-motivated and directed
- Keen attention to detail
- Capability for problem solving, decision making, sound judgment, assertiveness
- Excellent English (written & spoken).
- Other languages (Arabic, French etc.) in the EMEA region are a plus
Mobility requirements (time spent traveling internationally, nationally, etc.): 10%
- Value inclusion within the day to day responsibilities by respecting others’ perspectives and convictions, engaging others’ opinions, creating a safe environment where people, ideas and opinions are valued within the team / “internal” customers and external partners.
- Respect and take into consideration diversity by valuing different world views, challenges and cultures that represent all walks of life and all backgrounds.
- Is sensitive to how people, cultures and organizations function. Deals comfortably with organizational politics. Steer through the organizational maze to get things done.
- Demonstrates positive thinking mindset, consistently identifying highlights.
- Shows a can-do attitude in good and bad times and acts as a role model in terms of ethics and self awareness.
- Ability to travel within the region for extended periods of time in a row (up to 10% in a year).