Tagcor

Security Engineer

The Information Security Specialist will perform any of the following activities depending on business

needs:

• Coordinate and perform ISO 27000 process management functions and control testing reporting and

activities in accordance with regulatory and departmental policy and procedures.

• Update and maintain control matrices and spreadsheets, and providing recommendations for

Information Security Management System.

• Assist in operational and security-related control and risk assessments to ensure compliance to

regulatory and statutory requirements, as well as industry specific guidelines, such as PCI DSS, ISO

27000, COBIT and ITIL

• Auditing deployed solutions, providing recommendations, and ensuring security policies and regulations

are followed and adhered to for all implemented systems

• Plan, deploy, harden, maintain, troubleshoot, operate and manage network security solutions such as:

Palo Alto, or similar capability, next-generation firewalls (NGFW), Intrusion Detection and Prevention

Systems (IDS/IPS), Cloud based security web gateways, Firewall management tools (e.g. FireMon,

AlgoSec, Tufin), data loss prevention tools,,ICS and OT system security requirements, honeypots and network sensors.

• Documentation of logical and physical architecture

• Follow all the ITIL processes (incident, problem, change) for all items impacting plant operations.

• Create Application and Hardware (System) Lifecycle Plans

• Work with the ITP management to ensure that a multiyear lifecycle plan is created to support from 1st

to 3rd level support including milestones for all known firmware/software versions or functional upgrades

and sunset and successor systems.

• Work with the ITP department to determine, the current level of performance expected and risk with

current process and systems. Create with the business area requirements plans for continuous

improvement of the process and systems throughout the plant.