This site uses cookies. To find out more, see our Cookies Policy

Cyber Security Specialist in Frisco, TX at BetterJobs

Date Posted: 2/12/2019

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Frisco, TX
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    2/12/2019

Job Description

Become Part of Our Team

As an industry leader Balfour Beatty offers employees a comprehensive benefits package that includes competitive salaries, comprehensive medical, dental and vision benefits, paid time off and volunteer hours, education assistance and much more including:

  • Medical, Dental, Vision and Life Insurance
  • Health Savings Account
  • 401(k) with company match
  • Flexible Spending Accounts (Dependent & Medical Reimbursement)
  • Vacation Time
  • Sick Time
  • Holidays
  • Paid Personal Days
  • Paid Volunteer time
  • Tuition Assistance
  • Employee Referral Bonus

Summary

At Balfour Beatty Construction in Dallas, Texas we are seeking a Cyber Security Specialist to join our team. This is a key role within the US business leading the information security practices to ensure that our policies are defined, shared and understood and the standards are inspected and maintained. The Cyber Security Specialist will work closely with the Chief Information Security Officer, US Chief Information Officer and VP Information Technology to define an effective security architecture through IT projects that protects Balfour Beatty interests for services provided in-house and via third parties while not inhibiting productivity within the business.This role will also support increasing the awareness of information security policies across the Balfour Business and ensuring these are being enforced.

Essential Functions

  • Act as a key resource/leader for security in the US part of the business to support the development and maintenance of the Group Information Security strategy and accompanying framework(s) for implementation.
  • Provide support for information risk assessments, management and reporting to the C-suite.
  • Understanding of the business, information systems and processes with a view to enhancing these from a security, regulatory and legal point of view.
  • To provide support to develop and update Information Security directives, policies, standards and guidance in conjunction with Group and US business units.
  • Provide support to develop process for secure application development under the guidance of best practices such as SOGP, OWASP, etc.
  • Perform divisional Information Security reviews where appropriate and ensure timely management and resolution of non-compliance issues both internally and externally.
  • Implement and monitor cyber security controls as well as ensure that Information Security issues are addressed properly with all relevant 3rd parties.
  • Work with external consultants as appropriate for independent security audits.
  • Support the development and deployment of the groups Information Security training and awareness within the US business.
  • Stay current with and maintain knowledge of cyber-attacks and counter measures.
  • Support and oversee Information Security incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
  • Provide Information Security input in to projects and relevant strategic initiatives.
  • Responsible for leading US Information Security initiatives through to completion.
  • Schedule penetration tests and interpret results in the given context of the overarching security posture to ensure any mitigations are prioritized and implemented.
  • Lead on regular vulnerability assessments with a view to closing off or mitigating any identified problems.
  • Follow all relevant legislation and liaise with the US business units to ensure that security measures adequately protect staff, client and supplier information.
  • Protect the network(s) from malicious entities such as hackers, viruses, ransomware and spyware.
  • Create and delivery of security metrics into a security KPI monitoring and reporting dashboard.
  • Create of brand monitoring (potentially via open source tooling).
  • Work with the Risk Department to understand the US Cyber Security Insurance policy and the process to follow in the case of a breach.
  • Work with the Risk Department to ensure the US Cyber Security Insurance policy is right sized.
  • Develop a Breach Response Plan.
  • Facilitate/participate in monthly Security Council (InfoSec) reviews with key members from both the UK an US.
  • Provide quarterly security reviews/updates to the Security Executive Council which include: Chief Information Security Officer, UK Chief Information Officer, and the US Chief Information Officer.

Minimum Requirements

  • High School Diploma or Associate's Degree in Computer Science, Information Technology, or any other related field required.
  • 5+ years working in an Information Security role with multi skilled background (investigation, risk management, assurance, governance, stakeholder management).
  • Experience in coordination of security and risk initiatives in a large enterprise setting.
  • Familiar with known security frameworks, standards and methodologies.
  • Experience of risk assessment and management.
  • Experience with cloud based services such as AWS, Azure and O365 including EM+S.
  • Familiarity with ISO 27001:2013 and controls.
  • Experience with NIST framework, SANS 20 critical security controls and UK Top 10/cyber essentials.
  • Familiarity with privacy regulations such as GDPR, privacy shield, data protection act and computer misuse act.
  • Experience with security forensics.

Preferred Experience

  • Local candidates highly encouraged to apply.
  • Previous or current A/E/C Information Technology experience, helpful, but not required.
  • Experience designing and implementing cyber security strategies.
  • Experience responding and recovering to a cyber security attack.
  • Experience working with tools used to monitor and protect against cyber security.
  • Experience implementing Security Awareness and Training Programs.
  • Experience developing a Security Breach Response Plan.

About Us

Balfour Beatty US is an industry-leading provider of general contracting, at-risk construction management and design-build services for public and private sector clients across the nation. Performing heavy civil and vertical construction, our teams build the unique structures and infrastructure that play an important role in how people live, work, learn and play in our communities. Our teammates have an instinctive passion for innovating that is fueled by a relentless curiosity, a drive to employ lean practices and processes and the determination to find a better way. Through Zero Harm®, we are challenging the construction industry s assumptions about safety. We believe that no level of harm should come to anyone as a result of our business.

Consistently ranked among the nation s largest building contractors, by Engineering News-Record, our US business is a subsidiary of London-based Balfour Beatty plc (LSE: BBY).

Balfour Beatty is an equal opportunity employer that recognizes the value of a diverse workforce. All qualified individuals will receive consideration for employment without regard to race, color, age, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, genetic information, or any other criteria protected by federal, state or local law.