Thursday, April 26, 2012

Job posting texts for BP's SOC specialists

Because of an error in BP's HR system, I am publishing the subject below:
1. Job title Digital Security SOC Analyst Level I
Req ID 31420BR
Job category Information Technology & Services
Sub-category IT Delivery
Countries (State/Region) United States - Texas
Location Houston
Role synopsis The SOC Analyst is responsible for monitoring multiple security technologies using the ArcSight Security Information and Event Management (SIEM) tool to detect IT security incidents. The analyst will follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
Key accountabilities Will monitor multiple security technologies, including the ArcSight ESM SOC Main Channel, IDS, HIPS, Windows AD event logs, syslog, anti-virus, file integrity, and vulnerability scanners for security events.

Must evaluate and investigate detected security events to determine if they represent significant security incidents and require some level of response.

Must have an understanding of the functionality and technology of existing systems as well as an understanding of the business critical applications and their major issues.

Must have a general view of the current state of information security threats and vulnerabilities across the globe as well as within a large multi-national corporation.

Follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.

Suggest and work with the respective security engineering team member to develop and refine additional monitoring content and Use Cases.

Provide 24x7 Operational support; on a rotating shift schedule (includes overnight shifts)
Essential Education BS Computer Science preferred, but not required
Essential experience and job requirements 2+ years experience in one of the following:
Network operations or engineering
System administration on UNIX, Linux, or Windows

Proficient in the operation and troubleshooting of computer operating systems such as Windows (XP, 7, 2003, 2008) and Linux/UNIX.

Proficient knowledge and understanding of IP protocols and ports, including TCP/UDP packet header and payload analysis.

Working experience with ArcSight ESM including Active Channel creation, event monitoring, event correlation, and event management under a documented process framework and methodology.

Experience with testing intrusion detection rules to validate the operation and expected results. Experience rewriting Snort rules and verifying their correct operation.
Other essential skills and knowledge Hands on experience analyzing or reviewing events from firewalls, IDS, HIPS, Windows AD event logs, syslog, anti-virus, virtual machines, file integrity, and vulnerability scanners.

Knowledge of and experience with penetration testing technologies and methodologies.

Available to work shifts, including nights, weekends, and holidays.

History of working under crisis or with incidents in various situations.

Experience with change management processes, procedures, and ticketing systems.

Must have previous information security experience or expertise, including an understanding and awareness of the actors, their motivation, methodologies, and tactics.

Awareness of the threat environment faced by multi-national oil, gas, petrochemical corporation.

Experience in analyzing intrusion events in a large enterprise environment.

Willingness to acquire in-depth knowledge of network and host security technologies and products (such as firewalls, Network IDS and scanners) and desire to continuously improve these skills.

Must have the ability to learn, grasp, and understand new technologies

Individual must be a self-starter with the ability to multi-task and work within a high performance team. Willingness to coach and mentor other team members.

Strong written and verbal communication skills

SANS GCIA Certified Intrusion Analyst training a plus.
Desirable criteria & qualifications 1-2 years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.

Professional certifications to include CISSP, GCIA.
Relocation available No
Travel required Negligible travel
Is this a part time position? No
About BP Our business is the exploration, production, refining, trading and distribution of energy. This is what we do, and we do it on a truly global scale. With a workforce of 80,000 employees, BP operates with business activities and customers in more than 80 countries across six continents. Every day, we serve millions of customers around the world. We are continually looking for talented, committed and ambitious people to help us shape the face of energy for the future.

BP is one of the three largest energy companies in the world, operating in over 100 countries across 6 continents. Information Technology & Services (IT&S), provides a full range of IT services to BP's global business segments.

IT&S plays a critical role in the delivery of defined world-class operational services that BP businesses can rely upon in support of their own performance. Our specific accountabilities include the delivery of services to specified target levels, including availability, recoverability and cost to the corporation. These services must also be delivered safely and secured against the growing risk of viruses and other security threats.

We aim to benchmark our performance favorably against a defined peer group of the world's best and intend to deliver our services with professionalism to rival any major business corporation in the world - this is what we mean by being 'World Class'. To achieve this exciting level of performance will require a commensurate level of enthusiasm, commitment and expertise in our people.
Disclaimer If you are selected for the position, your employment will be contingent upon submission to and successful completion of a post-offer/pre-placement drug test (and alcohol screening if required by the role) as well as pre-placement verification of the information and qualifications provided during the selection process.

BP is an equal opportunity employer.
Removal Date 04-May-2012

2. Job title Information Security Operations Analyst
Req ID 30811BR
Job category Information Technology & Services
Sub-category IT Delivery
Countries (State/Region) United States - Texas
Location Houston
Role synopsis The Information Security Operations Analyst analyzes and translates large amounts of disparate security data into concise, structured intelligence information that can then be used by Security Management and Analysts to monitor and protect our digital computing environment.

The candidate will analyse security data by utilizing, conceptualizing and creating new custom tools to produce valuable intelligence and trends in an automated and repeatable fashion thereby enhancing the capability of the Security Operations Center analysts and Level 3 technical security response teams.

This is a complex role requiring a seasoned individual with a high-level and range of technical skills including a deep understanding of security events. Context of the source and nature of security log information is key coupled with the ability to translate raw data into intelligence.
Key accountabilities • Reduce the time required to gather precise, usable security intelligence data from large amounts of disparate logs and other security information sources.
• This will be accomplished by creating and implementing tools that enable the extraction and analysis of security data stored in data sources such as LDAP databases, security log files, XML data structures and other security toolsets.
• Data integration from Enterprise Configuration Manager (ECM), McAfee ePO, Qualys and WebInspect with ArcSight Enterprise Security Manager (ESM) and RSA Archer.
• Work closely with the Digital Security teams to ensure tool requirements (functional and non-functional) are complete, understood and realized. Work with in house and external analysis, development & testing teams to ensure solution components and interfaces are delivered in accordance with the design
• Create, implement and maintain custom tools to enable digital forensics; such as remote memory capture, malware analysis and disk imaging.
• Possessing a broad understanding of the functionality and technology of existing digital security systems and a deep understanding of multiple business applications.
Essential Education Bachelor's degree or equivalent experience.
Essential experience and job requirements • Excellent understanding of programming technologies such as Web Services, SOAP, XML, VB.net, Shell Scripting, Visual Basic and AutoIt.
• Extensive knowledge of Active Directory / MS Exchange, LDAP DataBase queries and data mining.
• Capability to form disparate output from Qualys, Enterprise Configuration Manager (ECM), WebInspect and other security testing applications into common formats for detailed reporting and data injection into correlation engines.
• Working understanding of database technologies such as MS SQL, Oracle and MySQL.
• Proficient in the operation and troubleshooting of operating systems such as Windows (XP, Windows 7, 2003, 2008).
• Working knowledge of file systems such as NTFS, FAT32 and FAT.
• History of working under crisis or within various incident situations within a security incident response team.
• Must have the ability to learn / grasp new technologies quickly.
• Individual must be a self-starter with the ability to multi-task and work within a high performance team.
Other essential skills and knowledge • 10+ years of IT industry experience in a large corporate environment.
• 5+ years programming / data-modelling with Web Services, SOAP, XML, SQL with a security related context.
• Understand the function of ArcSight ESM and ArcSight Logger appliances.
• Working knowledge of change and release management in a large scale environment
• Good project management skills
Desirable criteria & qualifications • Proficiency with Linux and UNIX operating systems.
• Experience integrating data feeds into RSA Archer Risk Management tool.
• MCSE or other industry certification.
• Security Certifications such as CISSP a plus.
Relocation available No
Travel required Yes - up to 25%
Is this a part time position? No

3. Job title GOI Security Service Delivery Manager
Req ID 31419BR
Job category Information Technology & Services
Sub-category IT Delivery
Countries (State/Region) United Kingdom
United States - Texas
Location Stockley Park
Houston
Role synopsis Global Operations and Infrastructure (GOI) designs, builds and operates BP’s core IT&S services. It is responsible for the day-to-day operation of the technology people rely on every day to do their job such as computers, telephones, email, wireless, conferencing; helpdesk support for end-users of services; and the design, build and operation of BP’s IT&S infrastructure and systems, such as data centres and networks.

IT&S Global Operations and Infrastructure (GOI) plays a critical role of delivering cost-effective world-class infrastructure services that the BP businesses place reliance upon in support of their own business processes. GOI specific accountabilities include the delivery of services to specified target levels measured primarily in terms of availability, recoverability and cost to the corporation. These services must also be delivered safely, in compliance with all regulatory requirements and secured against the growing external security threats. GOI Security creates strategy, interprets risks, determines corporate needs and then manages these factors in concert with both internal global teams and global suppliers to deliver the critical infrastructure processes to more than 700 BP locations worldwide.
The role is responsible for managing the outcomes of both GOI Security global teams as well as suppliers reporting to the Head of GOI Security. This role is accountable for managing the effective operational delivery of GOI Security services to internal customers. This role will also act as an escalation point for any customer or vendor issues pertaining to service quality or service delivery.
Key accountabilities • Primary customer interface for day to day operations for GOI Security
• Chair Global Service Delivery meetings to review and address both internal and external quality reviews, raise and implement continuous improvement actions, and
• Maintain vigilant review of customer-facing and internal reports to ensure GOI Security is meeting customer expectations
• Review monthly risk logs and ensure actions and remediation tasks are executed
• Periodically review and maintain all GOI Security teams are implementing services compliant with all relevant regulatory standards.
• Ensure that BP best practices are followed and recommend areas where these can be leveraged globally for the benefit of BP
• Drive procedural/ operational efficiencies in a collaborative environment
• Define the service delivery measures, structure periodic reporting mechanisms on the performance against these measures, and ensure that these are reviewed by leadership on a regular basis
• Appraise, coach, support, and develop Operations Support Team staff
• Conduct, review and manage a broad engagement across the enterprise to collect, collate and understand service requirements, business strategy, plans and priorities
• Consolidate information from all GOI Teams, business customers, and suppliers to clearly define and effectively communicate a comprehensive service strategy and roadmap for GOI Security
• Serve as an escalation point for customers and a key contact point for resolution of customer facing issues relevant to GOI Security services.
• Develop and implement continuous improvement plans
• Supplier management
• Contributes to team effort by accomplishing related results as needed.
Essential Education Bachelor's Degree required.
Essential experience and job requirements • This role requires someone with the competencies “normally” associated with 10 years experience in IT Service Delivery with a major part of this experience in IT Operational Management
• Experience in a dynamic and complex Operational environment managing or supporting Regional change activity
• Managing Processes, Developing Standards, Audit, Tracking Budget Expenses, Developing Budgets, Performance Management
• Experience in service management or customer management areas
• Knowledge of tools and technologies in the change management domain
• Strong influencing and negotiating skills to support the above; this includes being a point of escalation for process issues
• Effective Collaboration and communication skills
• Work closely with the other Domain/Regional Service Managers to ensure an holistic service management practice
• Proven commitment to IT Service Management best practices, especially Change Management
• Foundation qualifications in ITIL
Desirable criteria & qualifications • Experience around ISO2000, CObIT, Six Sigma and Lean Management
• Experience of Service Delivery as part of a large outsourced Service Operation
• Experience of implementing operational level agreements involving multi-sourced and multi-disciplined service providers
• Membership of a professional organisation, e.g. IT Service Management Forum; IT Service Management Institute
• Knowledge of Remedy Service Management toolset
• Experience working in very large, global organizations with complex IT footprints is preferred
Relocation available No
Travel required Negligible travel
Is this a part time position? No

4. Job title GOI Security Incident Manager
Req ID 31418BR
Job category Information Technology & Services
Sub-category IT Delivery
Countries (State/Region) United Kingdom
United States - Texas
Location Stockley Park
Houston
Role synopsis Global Operations and Infrastructure (GOI) designs, builds and operates BP’s core IT&S services. It is responsible for the day-to-day operation of the technology people rely on every day to do their job such as computers, telephones, email, wireless, conferencing; helpdesk support for end-users of services; and the design, build and operation of BP’s IT&S infrastructure and systems, such as data centres and networks.

IT&S Global Operations and Infrastructure (GOI) plays a critical role of delivering cost-effective world-class infrastructure services that the BP businesses place reliance upon in support of their own business processes. GOI specific accountabilities include the delivery of services to specified target levels measured primarily in terms of availability, recoverability and cost to the corporation. These services must also be delivered safely, in compliance with all regulatory requirements, and secured against the growing external security threats. GOI Security creates strategy, interprets risks, determines corporate needs and then manages these factors in concert with both internal global teams and global suppliers to deliver the critical infrastructure processes to more than 700 BP locations worldwide.
The role is responsible for managing logical security incidents and crises within GOI, Digital Security, and suppliers reporting to the Head of GOI Security. This role is accountable for managing the effective operational delivery of GOI Security incidents as well as coordinating the actions of the crisis response team members.
Key accountabilities • Primary interface for logical security incidents and crisis management teams involving or affecting GOI.
• Manage security incidents in alignment with established Incident & Problem processes as well as Digital Security practices.
• Perform problem management activities to ensure that root causes are derived and actions closed.
• Escalate & report security incidents to appropriate team members and line management
• Review monthly risk logs and ensure actions and remediation tasks are executed
• Coordinate the recording and active management of any risks resulting from root causes within GOI Security accountability
• Ensure that BP best practices are followed during incidents and crisis management as well as recommend areas where these can be leveraged globally for the benefit of BP
• Drive procedural/ operational efficiencies in a collaborative environment
• Develop and implement continuous improvement plans with GOI teams and supplier organizations to improve security incident response plans.
Essential Education Bachelor's Degree or equivalent experience.
Essential experience and job requirements • This role requires someone with the competencies “normally” associated with 5 years experience in IT Security and/or strong security awareness combined with IT Operational Management experience.
• Experience in a dynamic and complex Operational environment managing or supporting security activities.
• Knowledge of tools and technologies for security incident management.
• Strong influencing and negotiating skills to support the above; this includes being a point of escalation for process issues
• Good Collaboration and communication skills
• Work closely with the other Domain/Regional Security Network to ensure an holistic security incident response model
• Foundation qualifications in ITIL
Desirable criteria & qualifications • CISSP, Security Incident handling accreditation
• Experience of security as part of a large outsourced Service Operation
• Experience of implementing operational level agreements involving multi-sourced and multi-disciplined service providers
• Experience working in very large, global organizations with complex IT footprints is preferred
Relocation available Yes - Domestic (In country) only
Travel required Yes - up to 25%
Is this a part time position? No
