Job summary

Here at bp, we are recruiting for our next ICS Security Monitoring Analyst!

The Industrial Control Systems (ICS) Security Analyst is a specialist within our global Process Control Network (PCN) centralized security service, which uses firewall managers, Microsoft Windows Patching managers, anti-virus managers, multi-factor authentication and a heavy focus on Intrusion Detection systems. The analyst will be responsible for threat hunting, response, notification, tool integration, API scripting, and DevSecOps activities as required. Additionally, the analyst will develop detailed operational processes and procedures, train junior staff and identify or develop automated processes to simplify the service, which will provide more time for the team to appropriately analyse, call out, and assist in remediation of critical information security incidents.

Incident Response Management; Application Information Security.

Responsibilities:

Monitoring traffic analysis to tune the IDS solution

Respond to sites about observances

Help Security Operations Center with incident investigations

Threat hunting

Incident response and notification

You will be responsible for using security systems tools, including firewalls, Windows AD event logs, syslog, anti-virus, file integrity, and vulnerability scanners, to monitor for security events.

Evaluate and investigate detected security events to determine if they represent significant security incidents and require some level of response. This response will be in the form of detailed configuration data, traffic analysis and/or event correlation. All incident responses will support the Global BP Digital Security incident management process.

Suggest and work with the respective security team members to develop and refine additional monitoring content.

Develop detailed operational procedures for services and identify/develop automated programs to produce daily reporting, data gathering and simple operational processes. This will allow the team increased time to appropriately analyse, call out, and assist in remediation of critical information security incidents.

Maintain knowledge of the functionality and technology of existing IT systems as well as: ICS technologies

Your Skills & Experience: