At Valvoline Global Operations, we're proud to be The Original Motor Oil, but we've never rested on being first. Founded in 1866, we introduced the world's first branded motor oil, staking our claim as a pioneer in the automotive and industrial solutions industry. Today, as an affiliate of Aramco, one of the world's largest integrated energy and chemicals companies, we are driven by innovation and committed to creating sustainable solutions for a better future.

With a global presence, we develop future-ready products and provide best-in-class services for our partners around the world. For us, originality isn't just about where we began; it's about where we're headed and how we'll lead the way. We are originality in motion.

Our corporate values—Care, Integrity, Passion, Unity, and Excellence—are at the heart of everything we do. These values define how we operate, how we treat one another, and how we engage with our partners, customers, and the communities we serve. At Valvoline Global, we are united in our commitment to:

• Treating everyone with care.
• Acting with unwavering integrity.
• Striving for excellence in all endeavors.
• Delivering on our commitments with passion.
• Collaborating as one unified team.

Job Purpose

The Senior Information Security Engineer leads the design, implementation, and continuous refinement of the organization's cybersecurity capabilities. This advanced role requires a deep technical expertise in security technologies and a strategic approach to protecting the organization's information assets. The Senior Engineer is pivotal in conducting complex security assessments, identifying vulnerabilities, and developing robust solutions to enhance the security posture of the organization.

With a strong focus on technical leadership, this individual collaborates closely with the IT department and cybersecurity team to develop secure systems, networks, and applications. Additionally, the Senior Information Security Engineer works hand-in-hand with the IT Governance, Risk Management, and Compliance (GRC) teams to ensure cybersecurity strategies align with organizational policies and regulatory requirements. This involves a strategic partnership to assess risks, manage cybersecurity compliance across systems, and integrate security best practices into GRC frameworks.

The Senior Information Security Engineer is also responsible for researching and integrating new security technologies and best practices into the existing infrastructure to address evolving threats. This role involves critical thinking, problem-solving, and a proactive attitude towards cybersecurity challenges.

How You Make an Impact (Job Accountabilities)

1. Work alongside project leads and IT teams to facilitate a smooth integration of new solutions into the organization's cyber security framework. Provide support during the implementation phase of cyber security tools, ensuring that deployment tasks are completed timely.
2. Actively mentor Information Security Engineering team members, sharing insights on best practices and the latest trends in cyber security tool deployment and management. Foster a culture of continuous improvement and innovation within the cyber security team, encouraging the adoption of emerging technologies and methodologies to enhance the organization’s cyber security posture.
3. Lead the initial configuration of newly implemented tools, applying in-depth knowledge of security standards and operational procedures to create a robust foundation for tool effectiveness. Collaborate with cyber security and IT teams to adjust settings and configurations based on operational feedback and evolving security threats, enhancing the organization's cyber security posture.
4. Provide strategic oversight for the monitoring and management of cyber security tools and systems, ensuring they operate at peak efficiency and are fully aligned with the organization’s cyber security strategies.
5. Act as an escalation point for operational issues in cyber security tools and systems, providing specialized knowledge to resolve more complex problems. Leverage external support resources and serve as the primary point of contact for troubleshooting issues.
6. Participate in the assessment of new cyber security tools, focusing on evaluating their potential operational impact and alignment with the organization’s security needs. Aid in the selection process by contributing insights on tool effectiveness and compatibility with existing systems.

What You Bring to the Role (Job Qualifications / Education / Skills / Requirements / Capabilities)

Education

• Bachelor's degree in information systems, engineering, management, or related field, or equivalent work experience.

Work Experience

• 5+ years of experience in information technology or information security
• Industry certifications such as CISSP, CISM, CCSP, GIAC (GSEC, GCED, GCIA, etc.)
• Vendor-specific certifications (Netskope, Palo Alto, Zscaler, Microsoft purview, Code42 etc.)

Competencies Desired

• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
• Technical proficiency with security-related systems and applications.
• Experience in developing, documenting and maintaining security procedures.
• Strong knowledge of TCP/IP and network administration/protocols, zero trust principles.
• Hands-on experience with AWS/Azure/GCP security controls
• Proficient knowledge in scripting (Like Python, PowerShell)
• Experience performing security reviews for new systems
• Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
• Excellent documentation skills.
• Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
• Ability to work well under minimal supervision.
• Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel.
• Strong written and verbal communication skills.
• Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.

XML job scraping automation by YubHub