Description
The Regional Network & Communication Information Security Specialist function is responsible
for the operations that ensure the security of the network and communication services of the
EMEA region. He/She has a special focus on the integration of the best practices from
IT/Cybersecurity and OT Technologies into the daily operations of the Cement plants.
Under the supervision of the EMEA Network & Communications Supervisor, the EMEA Network
& Communications Security Specialist is a key player in the IT/OT convergence project
activities, and is responsible for providing L1/L2/L3 support to the network and communication
security services.
Responsibilities
1. Assist and deploy policies within the IT/OT framework.
2. Actively participate in the delivery activities related to IT/OT convergence projects.
3. Isolate cement plants’ network from the office network, by implementing the so-called
“bridge” firewalls and the different network segments as per the IT/OT Holcim Security
Standard.
4. Keep industrial firewalls hardened and with the right level of automation and
configuration; housekeeping the rulesets ensuring the maximum efficiency.
5. Provide periodic support to cement plant managers or local internal control teams on
information sharing to fulfill Minimum Control Standards in the OT environment.
6. Create segmentation inside the OT networks, ensuring the availability of the automation
network.
7. Provide top-notch technical expertise to monitor IT/OT networks for security threats or
unauthorized users.
8. Be a key stakeholder to the security projects in the scope of the department.
9. Provide technical support to operational issues for both network and communication
services
10. Automate the environment to proactively improve the delivery of the security services.
11. Deploy the relevant monitoring tools and have the correct mindset to ensure proactive
corrections and fast incident resolution.
12. Leverage and maintain appropriate tools to ensure configuration management and
capacity planning.
13. Ensure efficient collaboration with Delivery, Security, EUS, I&O and the rest of the IT
Services teams.
14. Ensure the consistent and up to date technology & security skills.
15. Work with external suppliers to source hardware and software solutions to network
security issues.
16. Deploy, test and maintain security systems such as VPNs, firewalls and email security.
17. Ensure that current network system security is suitable for future requirements of Holcim.
18. Identify compromised machines and report on security measures taken to address
threats.
19. Analyze security risks and develop response procedures.
20. Developing and testing software deployment tools, firewalls and intrusion
detection/prevention systems.
21. Creating security documentation for users, assisting in disaster recovery and gathering
evidence regarding cybercrimes.
22. Work proactively on root cause analysis, problem solving and standard operating
procedures creation.
23. Conducting regular security audits and preparing security status reports.
24. Ensure the Service Level commitments are respected by monitoring the main KPIs.
25. Follow and enforce the security, internal control and standardization principles defined by
the Group and regional teams.
26. Work on the efficient transfer of delivered services into the run organization (service
introduction)
Position Requirements
27. Level of education/qualifications normally required: Graduate degree in Computer Science, Engineering or related discipline with an IT focus A professional industry certification; experience in networking systems, information technology, or network security is a must. Advanced Professional certification in network domain ( CCNA, CCNP, CCSP) AWS Certified Advanced Networking is a plus.
28. Specific work experience: Broad technical knowledge of IT with at least 6 years experience. Experience within IT/OT environments. Well versed in multiple security technologies such as SIEM; Intrusion Detection
Systems; Next Generation Firewalls; Deep Packet Inspection; Layer 7 filtering; Web
Proxy/Content Filtering; PKI, Radius, Log Analysis, vulnerability management, etc. Broad knowledge of business-impacting security scenarios and viable methods to
detect these scenarios. Experience working with 3rd party providers Experience working on projects Work experience in a related industry setting (cement, aggregate, ready-mix or other
manufacturing industries) is a plus Experience working with international teams is a plus Experience with DevOps tools (Ansible, Terraform) is a plus.
29. Technical / functional skills: Deep understanding of running IT services in regards to technology and processes. Knowledge of existing and emerging hardware and software technologies and IT
architectures. Strong competency in developing efficient and effective solutions to diverse and
complex business problems. Ability to implement IT security policies and governance. Deep knowledge of Cisco firewall technologies (ASA, Firepower). Deep knowledge of Network infrastructure (WAN / Internet, LAN / Wireless LAN,
Perimeter Security, VPN) and related products, manufacturers and APIs Cisco Meraki AWS Solarwinds Deep knowledge of proxy and web filtering solutions (Forcepoint specifically, Zscaler,
Umbrella...) Knowledge of DNS protocols and manufacturers (Infoblox, Route53, etc.) Good understanding of incident, problem and change management processes and
procedures as well as ticketing platforms Proven analytical and troubleshooting abilities
30. Behavioral / managerial competencies: Ability to communicate openly and effectively with IT management, Business Units
management, with other IT managers, with staff, and with many diverse constituencies Ability to work decisively under heavy workload considering the criticality, urgency and
extended work hours required to ensure the availability of the service in accordance to
service level commitments High willingness to drive transformation and service improvement Strong customer / end-user / client service orientation Highly self-motivated and directed Keen attention to detail Capability for problem solving, decision making, sound judgment, assertiveness
Language Skills
31. Excellent English (written & spoken).
32. Other languages (Arabic, French etc.) in the EMEA region are a plus
Mobility requirements (time spent traveling internationally, nationally, etc.): 10%
Other Information
33. Value inclusion within the day to day responsibilities by respecting others’ perspectives and convictions, engaging others’ opinions, creating a safe environment where people, ideas and opinions are valued within the team / “internal” customers and external partners.
34. Respect and take into consideration diversity by valuing different world views, challenges and cultures that represent all walks of life and all backgrounds.
35. Is sensitive to how people, cultures and organizations function. Deals comfortably with organizational politics. Steer through the organizational maze to get things done.
36. Demonstrates positive thinking mindset, consistently identifying highlights.
37. Shows a can-do attitude in good and bad times and acts as a role model in terms of ethics and self awareness.
38. Ability to travel within the region for extended periods of time in a row (up to 10% in a year).