Mainstream Renewable Power is a leading pure-play renewable energy company, with wind and solar assets across global markets, including in Latin America, Africa, and Asia-Pacific. Our mission is to accelerate the global transition to renewable energy by delivering clean, affordable and reliable energy at scale. We are one of the most successful developers of gigawatt-scale renewables platforms, across onshore wind, offshore wind, and solar power generation with a global portfolio of 27 GW. In May 2021, Aker Horizons acquired a majority stake in Mainstream, and in April 2022, Mitsui & Co., Ltd. joined Aker Horizons as a long-term strategic investor. We currently employ over 600 people across 5 continents, and we are always looking for ambitious, driven, and talented people to join us on our mission to drive forward the energy transition.
Mainstream Renewable Power is looking for a Cybersecurity Analyst responsible for ensuring the security of the digital infrastructure. The Cybersecurity Analyst will support the Head of Cybersecurity in designing, implementing and maintaining IT Security systems and will monitor the organization's IT assets to protect them. Working with the Head of Cybersecurity in the identification and mitigation of specific security risks within the organization's IT systems. The Cybersecurity Analyst will liaise with the business, other IT / OT functions and the wider business representatives. The purpose of the engagement will be to resolve issues, manage risk, to solve problems and deal with difficulties that arise with compliance of policy, process and other guidelines. The Cybersecurity Analyst will also be responsible for conducting risk assessments and providing recommendations to mitigate identified risks.
What you will do?
- Experience in implementing & monitoring Information Security controls, practices and technology for multiple levels within an organisation.
- Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
- Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization
- In depth knowledge of Microsoft Azure and MS 365 Defender security suite.
- Reviews alerts and data from network security sensors, and documents formal, technical incident reports
- Works with SOC providers to improve threat intelligence and/or threat-hunting
- Supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
- Works with SOC provider and Sentinel event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts.
- Correlates network, cloud and endpoint activity across environments to identify attacks and unauthorized use.
- Research emerging threats and vulnerabilities to aid in the identification of incidents
- Provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
- Perform security standards testing against computers before implementation to ensure security
What we require?
- 5+ years of experience in Cybersecurity Operations
- 5+ years of experience with regulatory compliance and information security management frameworks (such as International Organization for Standardization [IS0] 27000, COBIT, National Institute of Standards and Technology [NIST] 800.
- Integrity, excellent team player, self-motivated, passionate and drive for long-term commitment
- Ability to work well in a multicultural and multinational environment.
- English fluency is required.
Desired, but not essential:
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
- Exposure to NERC-SIP and OT regulatory standards
What we offer?
We offer you the opportunity to work in a dynamic and entrepreneurial organisation, in a growing market in a fast-paced industry.