Senior Security Threat Engineer
Ref No.: 18-75144
Location: Clinton, Iowa
Start Date: 10/10/2018
65 on w2
The IPC Senior IT Security Threat Engineer guides the architecture, management, and monitoring of enterprise-wide threat, incident, and event management and security analytic solutions for LyondellBasell, protecting against intrusions such as targeted threat actors, malware, hacking attempts, and other forms of cyber-attacks. Your primary responsibilities will be maintaining the security analytic tools architecture, developing threat intelligence, monitoring incidents and events, analyzing LyondellBasell's intrusion resistance, and leading the effort to automate, integrate, and aggregate the data systems needed to expedite accurate analysis.

This role will be a security evangelist and will drive company-wide changes to remediate and Client weaknesses.
  • This position reports to the Information Protection Manager, Security and Forensics and is located at our North American Headquarters in Downtown Houston. The position offers a competitive base salary, bonus, 401K matching, generous benefits package, pension plan, parking subsidy, and employee discounts.

Responsibilities:
  • Manage, operate, and maintain the SIEM (Splunk ES) and Security Analytics systems along with the security monitoring tools used for intrusion analysis and incident response.
  • Analyze LyondellBasell's intrusion resistance on an ongoing basis and lead improvement efforts through automation, integration, and aggregation.
  • Find/develop new threat intelligence, detection, and hardening strategies.
  • Provide information protection expertise to IT operational teams to ensure systems are properly protected and monitored.
  • Evangelize security within LyondellBasell and drive changes needed to respond to emerging threats.
  • Analyze cyber threat data and correlate with existing understanding of cyber threats impacting LyondellBasell's environment.
  • Profile new and emerging threats to the IT landscape.
  • Serve as the technical lead to the event response team, providing mentoring to team members as needed.

Minimum Qualifications:
  • A minimum of 3 years' experience performing security incident response.
  • Bachelor's degree in computer science, information systems, or related field or comparable work experience.
  • Extensive experience with SIEM (Splunk ES) technology, including regular maintenance and tuning.
  • Experience with SIEM (Splunk ES) content development such as correlation rules, filters, lists, views, and reports.
  • Experience with System Analytic technology and how it is used for security analysis.
  • Experience dealing with and understanding commonly used targeted attack techniques, tactics and procedures.
  • Strong general IT and INFOSEC background including cryptography and network/systems/physical security.

Preferred Qualifications:
  • Strong analytical and interpersonal skills.
  • Large enterprise experience preferred.
  • Deep subject matter expertise in network-based and system-level attacks and mitigation methods.
  • Solid scripting abilities (Perl, Python, Shell, etc.).
  • Expertise with log analysis and developing custom scripts/functionality as needed.
  • Excellent verbal and written communication skills, to include forensic reports and investigation summaries.
  • CISSP, CCNA, or other security recognition certifications desirable.
  • Intercultural competence

Required Skills:
  • CCNA, CISSP, MS Office, Scripting, Security, Systems Analysis