Roles and Responsibilities :
Architecting the CyberSecurity Enterprise landscape : Contributes to the Corporate cyber threat model and identifies relevant controls, considering the acceptable risk level defined with the VP for CyberSecurity.
Owns the road map of security tools, processes and trainings that will implement the relevant controls Represents Cybersecurity in the architecture forums and at the various stages of Enterprise Solutions selection Contributes to Proofs of Concept and solutions evaluations Contributes to Formal Technical Reviews and solutions validations
CyberSecurity on-boarding of the selected CyberSecurity solutions : Assesses the integration of the new solutions / tools into CyberSecurity standards and processes Secures the compliance of the implementation process, from the selection to the deployment (xAQP, 3rd party vendor screening, SOC on-boarding ) for new solutions and products in scope.
CyberSecurity documentation : Contributes to the creation and the maintenance of Cybersecurity standards and guidelines.
Reviews and signs-off on the playbooks and other documentation associated to the solutions.
Tech Watch : Performs Technology Watch to identify solutions and tools to support Schlumberger’s CyberSecurity Operations
Qualifications and Experience :
10 years of experience. At least 5 years of experience as IT Architect and Cyber Security
Fluent English level
Master's degree or equivalent experience in IT, Telecommunications, Computer Science or Engineering
Membership and active participation in Eureka Security SIG
Knowledge of different cloud technologies (IaaS, PaaS, SaaS)
Knowledge of fundamental cybersecurity principles, new and emerging Information Technology (IT) and Cyber Security technologies.
Knowledge of cyber threats, vulnerabilities, encryption algorithms, cryptography and cryptographic key management concepts.
Knowledge of host / network access control mechanisms (using access control list, capabilities lists, firewall rules, GPO Policies etc), a network attack and the relationship between both threats and vulnerabilities.
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of Incident response and handling methodologies, ITIL processes and experienced with the agile delivery.