Galp is an energy company committed to develop efficient and sustainable solutions in its operations and in the integrated offers provided to its clients. We create simple, flexible, and competitive solutions for the energy and mobility needs of both industrial and individual consumers. Our portfolio includes multiple types of energy - from renewable electricity to natural gas and liquid fuels. We contribute to the economic development of the 10 countries in which we operate and to the social progress of our host communities. We are, therefore, leaders in our sector in the main sustainability indexes worldwide. We are 4 geographies, 49 nationalities and more than 6.000 experiences waiting to be shared. We are looking for people with strength, passion, determination, and vision to be part of our growth. Will you accept the challenge? Let’s Regenerate the Future Together!
Cyber Resilience Professional - Csirt Team
Mission:
The Cyber Resilience Professional will work closely with the Head of CSIRT towards fostering Galp’s Cyber Resilience , supporting Galp’s CSIRT (Cyber Security Incident Response Team)in responding to Cybersecurity Incidents targeting Galp. She/He will be responsible for security incident response, threat hunting, forensic analysis and identification of Lesson-s Learned, in order to protect and maintain the overall security of the enterprise. Working 24/7 against cyber criminals, this person will play a crucial role and must be agile, willing to learn continuously, and be able to think outside of the box in order to operate effectively in an ever-changing threat landscape.
What you'll do:
- Protecting Galp’s People, Processes and Technology by promptly responding to security incidents and threats from cyber criminals;
- Proactively hunting for threats and enacting identification, containment, and eradication measures while supporting recovery efforts to maintain the business operating as expected;
- Act as subject matter expert to provide insight and guidance to colleagues engaging in protective measures and identify Lesson’s Learned from incidents that help improve the maturity against cyber threats;
- Analyzing cyber security incidents and improve incident handling procedures and playbooks;
- Handling Tier 2 incident escalations from Galp’s SOC (Tier 1) and assist with real-time and continuous (24/7) security event monitoring, response, and reporting;
- Coordination with appropriate business units during a security incident – management, legal, security, IT operations, marketing and others;
- Supporting and coordination of a unique SOAR implementation project, includingthe continuous playbook development, in line with the latest best practices;
- Creating thorough reports and documentation of all incidents and procedures, presenting findings to business units and leadership on a routine basis;
- Helping improve the overall security posture by independently verifying the security of enterprise systems, and to ensure the timely dissemination of security information to the appropriate stakeholders.
What you'll need:
- Degree in Computer Engineering (or similar);
- 3 to 5 years experience in Cyber Security area;
- Knowledge of security systems and latest security trends;
- Knowledge in Cyber Security Incident handling
- Knowledge of security architecture, system administration, and networking.
- Knowledge of operating systems including Linux/Unix and Windows.
- Experience with programming languages such as Python, Perl, C/C++, PowerShell, etc is a plus
- Excellent written and verbal communication skills;
- Understanding digital native and emerging technologies;
- Pragmatic approach in identifying, mitigating and resolving risks;
- Excellent organization, time management, problem-solving skills and attention to detail;
- Resilient and Can do attitude;
- Fluent in English;
- Ability to work as part of a team – “If you want to go fast, go alone. If you want to go far, go together ”.
Deadline for Applications:
April 27th, 2023
Diversity Commitment
At Galp, we promote equality of opportunity and treatment of people regardless of gender, religion or belief, different capabilities, age, sexual orientation, political ideology, race or ethnicity. We believe that diversity creates value and strengthens a Group culture.