Technical Analyst Security - CITGO Petroleum Corporation

CITGO Petroleum Corporation is a recognized leader in the refining industry and operates under the well-known CITGO brand. CITGO owns and operates three refineries located in Lake Charles, LA.; Lemont, IL.; and Corpus Christi, TX, and wholly and/or jointly owns 38 active terminals, six pipelines and three lubricants blending and packaging plants. With approximately 3,300 employees and a combined crude capacity of approximately 807,000 barrels-per-day (bpd), positions CITGO as one of the best-branded supplier companies in the industry.

At CITGO our people are our most important resource. Our core values are Safety, Integrity, Respect, Accountability, and Care.

Job Summary

Participate in the operation of the information security scheme related to network security, which includes design, implementation and administration of technical cybersecurity defenses for firewalling, segmentation, network intrusion detection and prevention, network access monitoring and control, network vulnerability scanning, penetration testing, etc. Also, the analyst is an important part in the process of reviewing and executing the incident response process, and performing digital forensics investigations. Participate in team planning activities; occasionally assume responsibility for planning security assessments, evaluations, and projects. Analyst needs to possess knowledge and experience in area of responsibility. Capable of solving a set of security related problems with minimum assistance; contract vendors occasionally. Job requires carrying a pager and/or cell phone and take part on an on-call schedule.

Minimum Qualifications

Bachelor's Degree in Computer Sciences, Telecommunications, Management, Networking or related field.

The minimum number of years of job related experience required by this job is: 3.

Experience on network security (network firewall, VPN, SIEM, URL Filtering and web content filtering), preferred.

Experience with Cisco Security Suite (Cisco-ASA, Firepower FTD, FMC, ISE, Umbrella), preferred.

Cisco certified (CNNP) preferred.

Cloud Security, MS Azure networking and security preferred.

Security certified professional (CISSP) preferred.

Job Duties

Participate in thedesign, implementation and maintenance of network technology services for ensuring the confidentiality, integrity and availability of CITGO information assets at Houston and remote sites, including process control networks, and hosts of CITGO information in the "cloud". By enforcing zoning and firewalling among different areas of the network with different security requirements. Deploy and administrate network access control lists, firewall rulesets, Virtual Private Networks (VPN), Network Access Control (NAC), etc.

Provide day to day administration and maintenance of intrusion detection and prevention systems, dedicated to detect known form of attacks and policy violations, as well as anomalies. These systems include the administration of: Firewall, Network intrusion detection and prevention (IDS and IPS), Data Loss Prevention (DLP), Host/Endpoint Security as well as web content filtering and Cloud Access Security Broker (CASB).

Administration and maintenance of the department's capability for real-time alerting and digital forensics. Enable sources of security events to produce and forward logs to the Security Information and Event Management (SIEM) tool; ensure the SIEM tool gathers and correlate events to provide the necessary real-time alerting for CITGO Incident Response (IR) capability. Prioritize alerts based on severity and target's criticality, determine and tune out false positives, and add detection to minimize false negatives.

Review, test and be part of in the Incident Response (IR) process, by periodical review and testing of the procedure. Also participate in investigating alerts, helping confirm incidents, and be part of response team. Contribute in the lesson learned phase of the incident response process by helping fine tune the detection capability.

Conduct security assessments to determine areas of vulnerability to CITGO information assets; this process includes determining information asset owner's acceptable level of risk and recommending controls such as policies, procedures, and technology to mitigate vulnerabilities while decreasing risk down to acceptable levels. Implement the department's vulnerability scanning program, work with IT department to ensure controls, including patching, are implemented timely and with minimal impact to the business operations.

Analyze technological advances with existing product lines and emerging technologies, against the requirements of the company and the information asset owner, to ensure the appropriate policies, procedures, hardware and software controls are selected to provide effective protection over an extended period of time. Ensure compatibility within the entire CITGO security scheme and integrate with minimal impact to end users of information asset systems.

Job Duties II

Job duties displayed above are not all-inclusive, site-specific responsibilities may be assigned.

Here are the incentives we offer:

• Remote Work options available for eligible positions
• Options are department and/or location specific
• 9/80 Work Schedule Option (where applicable)
• Annual Vacation Incentive (40-120 hours of additional pay) for Eligible Employees
• Paid Vacation Time
• Company-Paid Holidays
• Caregiver Leave
• Excellent 401(k) Match
• Pension Plan
• Company-Paid Sick Leave and Long-Term Disability
• Medical, Dental, & Vision Plans; FSA and HSA options
• Company-Paid Life Insurance for Active Employees
• Healthy Rewards Program
• Service Awards Program
• Educational Assistance Plan
• Dependent Children Scholarships
• Reimbursement for Gym Membership
• Employee Discount Programs
• On-site Health Clinic (select locations)
• On-site Cafeteria (select locations)
• On-site Credit Union and ATM (Corporate office only)
• On-site Fitness Center (select locations)

PLEASE NOTE ALL JOBS DO NOT QUALIFY FOR ALL PERKS

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Requisition ID - 696