Senior Analyst, Information Security

At Cheniere, we provide the world with safe, reliable energy. But more than that, we provide opportunities for our talented employees to impact their communities every day. Our diversity is key to our continued success and forges a path where our culture supports greater equity and inclusion for our employees, customers and beyond.

POSITION OVERVIEW

IT Senior Analyst, Information Security is responsible for monitoring, maintaining, and evaluating systems and procedures to protect the confidentiality, integrity and availability of information assets.

RESPONSIBILITIES AND ESSENTIAL DUTIES

• Identify, evaluate and report information security risks in a manner that meets the company’s policies, legal and regulatory requirements.
• Act as the lead in supporting network security systems and solutions such as intrusion detection systems, web security gateway, privileged access management, vulnerability scanner, malware detection and security information and event management tools to discover threats, risks, and suspicious activity/intrusion attempts.
• Oversee the performance enterprise vulnerability scans on a frequent basis; prioritize, report, and deliver vulnerabilities to system owners; follow remediation efforts until closure.
• Incident responder, detect and respond to network security incidents following through to lessons learned.
• Perform a variety of ad-hoc information security projects and be a subject matter expert.
• Provide evidence for controls or audits of systems and processes based on industry standards, follow remediation efforts until closure.
• Coordinate yearly penetration tests; prioritize, report, and deliver penetration results to system owners; follow remediation efforts until closure.
• Identifies opportunities to streamline and automate new and existing processes.
• Lead the emerging threat program. Stays informed about the latest threats and developments in the information security field, including new products and services, through on-line news services, technical magazines, professional associations, industry conferences, training seminars, and other information sources.
• Ability to work weekends and after-hours as necessary.
• Act as an Incident commander in annual incident response tabletop testing exercises.
• Experience with managing log data storage and management of log data and architecture.
• The duties and responsibilities described above are not a comprehensive list, and additional tasks may be assigned to the employee from time to time, or the scope of the job may change as necessitated by business demands.

QUALIFICATIONS (EDUCATION, EXPERIENCE AND SKILLS)

Education: Bachelor’s degree in IT-related field preferred. Equivalent combination of education and years of experience for the level may be considered. 

Experience: Minimum five (5) years of relevant IT / IT Security experience required. Must have experience with Web Security Gateway and Intrusion Prevention Systems, Splunk, and incident response. 

Skills: 

• Vulnerability management experience, CISSP, CompTIA Security or SANS certifications are strongly preferred.
• Demonstrated advanced understanding of system, network and security principles/technology.
• Advanced understanding of Active Directory.
• Strong analytical skills gathering information from several sources for troubleshooting.
• Demonstrated advanced working knowledge of Microsoft Office applications (Word, Excel, Visio, Project) to provide data in various forms (reports, metrics, charts, statistics, diagrams).
• Advanced working knowledge of ticket management and queue management applications
• High Proficiency understanding of Windows, Linux, and Cisco technologies.
• Strong working knowledge of incident response frameworks and responsibilities
• Good understanding of regulatory requirements such as Sarbanes-Oxley (SOX), CoBIT, ISO 27001/2, NIST, ITIL, etc.
• Strong organizational skills, accountable, and proactive with the ability to multi-task and pay close attention to detail.
• Strong written and verbal communication skills.
• Demonstrated ability to work well in a team environment.
• Strong understanding of Cloud Architecture and Cloud Access Security Brokers.
• Can explain the difference between traditional and modern endpoint security solutions.
• Fundamental understanding of OT systems.

DIRECT REPORTS

None

FREEDOM TO ACT

The IT Senior Security Analyst is expected to be a subject matter expert in their field and require minimal supervision.

WORK CONDITIONS

• Job is performed in a typical office environment, but is subject to time pressures and constraints, and is also dependent on input from others.
• Often exposed to stressful situations.
• Subject drug and alcohol testing, per applicable federal regulations.

ADA JOB REQUIREMENTS

Reasonable accommodations will be made to ensure that the essential functions of the job can be performed and will not hinder the employee's performance due to a physical, mental or emotional disability.

EQUAL EMPLOYMENT OPPORTUNITY

Cheniere Energy is an equal opportunity workplace. All employment decisions are made without regard to sex, race, color, religion, national origin, citizenship, age, disability, marital or veteran status, sexual orientation, gender identity or expression, or any other legally protected categories. This includes providing reasonable accommodation if requested for disabilities or religious beliefs and practices.