Work Location: The position will be based in Glendale (AZ), Reston (VA), Houston (TX) or Oak Ridge (TN).
The Bechtel Information Security and Compliance team is seeking a well-rounded Information Security Professional that has depth of knowledge across multiple domains of information security, and demonstrated expertise with on-prem networking and cloud services. Applicants should have a strong technical background and a thorough understanding of information risks as it relates to the business, viewing security holistically, applying risk management intelligently, using creative problem solving techniques, and the ability to work successfully with others.
The position will be based to one of the main offices of Bechtel, which are Glendale (AZ), Reston (VA), Houston (TX) or Oak Ridge (TN). The candidate needs to be near and able to travel into one of these offices as needed.
Lead and/or assist in the development and design of network security architecture, policies, standards, procedures, training, and documentation of network security solutions including Data Loss Prevention, ﬁrewalls, routers, and logging and analysis tools.
Define situations in terms of the security risks and is able to educate peers and management so they can make informed business decisions based on a risk management methodology.
Identify Key Performance Indicators and system controls. Developing, populating, and tracking performance metrics and providing analysis reports.
Provide security subject matter expertise and consultation to cross functional teams on network security solutions including architecture, design, documentation and policies.
Lead the security reviews and provides approval for changes to network, infrastructure and connectivity solutions through the Change Management process. Ensure changes are in compliance with policies and/best information security practices. Work to improve and streamline the change management process.
Perform risk analysis of potential business options and provide consultations to business leaders on options for risk mitigation.
Review technical standards and procedures and makes recommendations for improvement in alignment with policy and best security practices.
Review cloud, on-prem and hybrid security architectures and develop design strategies geared toward maximizing the available solution space while maintaining information security standards.
Provide technical and functional leadership on complex projects.
Work successfully with various groups to solve IS&T and business problems with available technology.
Develop, pilot, and test secure implementation plans for new and emerging technology solutions.
Instruct, direct, and monitor the work of other network analysts and staff.
Provide excellent customer service to stakeholders including routine interactions/communication with customers, vendors, and other support staff.
Function as a technical mentor within the team and to other employees in order to foster a team environment.
Keep informed of issues and changes in the information security industry including new technology and processes for managing change.
Assist with the audit processes and investigations as needed.
Travel to Bechtel jobsites and offices as needed.
Qualifications and Skills
Bachelor’s Degree and 13+ years of relevant experience in information technology.
Experience with the management and design of network security infrastructure such as firewalls, proxies, VPNs, switches, etc.
Professional experience with enterprise level network, Internet DMZ infrastructure, WAN, LAN.
6+ years hands on experience in 5 or more of the security domains listed below including:
Security Governance and Management.
Network Security Operations.
Disaster Recovery & Business Continuity.
System Development Life Cycle.
4+ years of experience in the following:
Implementing and managing network security.
Implementing and managing the security of an enterprise Windows environment.
Information risk assessments.
Implementing and testing IT controls and performing operational audits.
Implementing cryptography and key management.
Implementing Cloud Security.
3+ years of experience in the following:
Developing, implementing, and maintaining information security policies and procedures, and develop security accreditation/certification documentation.