Shell Nederland BV is a platform for international collaboration, with Shell offering direct employment to around ten thousand people in the Netherlands alone, including roughly 2,800 non-Dutch employees from around 80 countries. Diversity is key at Shell Nederland, and our employees reflect the innovation that stems from a diverse workforce. By joining Shell Nederland, you will benefit from an unrivalled industry-leading development programme that will see you tap into a pool of expert knowledge that will help propel your career. Shell Nederland is the holding company of most Shell companies operating in the Netherlands. Shell Nederland also has an advisory and coordinating role in numerous areas.
As businesses leverage digitalization opportunities, their cyber-attack surface structurally increases, which can lead to business disruptions, data breaches and brand damage. High profile industry incidents show that these risks are real, and this has turned cyber resilience into a topic for Boards.
As part of the Information Risk Management (IRM) function in Shell, the Cyberdefence capability has specific focus on identifying cyber threats, discovery of IT vulnerabilities, monitoring for cyber intrusions and response to security incidents. Shell Cyberdefence is responsible for defending Shell against advanced Cyber-attacks through monitoring for advanced Cyber threats, discovery of vulnerabilities and investigating global Cyber incidents. This organization is part of Information Risk Management (IRM) function in Shell IT Services and Operations.
As a Cybersecurity Monitoring Analyst, you will support Cyberdefence by performing incident response and investigations into Cybersecurity incidents.
As part of the Cyberdefence capability the global Monitoring team´s focus is to monitor real-time for cyber intrusions based on indicators of compromise or anomalies from normal behavior and raise security incidents where necessary. As a Cybersecurity Monitoring Analyst, you are responsible for detecting and reporting on potential Information Security events of interest in the IT infrastructure and the use of IT services through the selection, deployment, and improvement of monitoring tools, the incident management processes which support all security, BID and code of conduct incidents involving IT infrastructure and the rapid and effective resolution of incidents involving ITSO and IT suppliers.
- Ensure continuous monitoring of the Shell IT landscape for cyber breaches, performing triage and analysis of events.
- Ensure a proper balance between raising suspicious behaviors and raising too many false positives.
- Together with the Incident Lead and Threat and Analytics Lead create a feedback loop to enhance the monitoring technology.
- Ensure proper handover takes place between Asia-Pac, Europe and US regions to create a near 24/7 coverage of monitoring.
Deliver and Monitoring Services
- Efficiently and effectively monitor the Shell IT estate for Information Security breaches (using Splunk, FireEye, RSA, etc).
- Support the implementation of new infrastructure monitoring tools, both retained and outsourced.
- Proactively monitor and support performance improvement of all retained and outsourced monitoring tools (IDS, desktop monitoring agents, Netflow, DLP, Proxy, etc).
- Perform data harvesting in support of investigations performed by Business Integrity, IRM, Legal and HR.
- Report vulnerabilities to businesses and suppliers and drive short term remediation.
- Analyze monitoring data to detect threats and vulnerabilities and recommend structural improvements.
Operating the Shell Incident Management and Monitoring Process
- Operate part of the IRM incident processes, and support improvement activities.
- Provide triage, data acquisition, analysis and advice on all incidents to help rapidly diagnose problems and identify immediate treatment.
- Handle data harvesting request and ensure suppliers follow the agreed process.
- Maintain an up-to-date register of data sources, harvesting methods, accountabilities and timescales.
- Support the deployment of tools to support security monitoring, harvesting and analysis.
As a Cybersecurity Monitoring Analyst, we do not have to tell you to have knowledge of Windows, Unix or Linux. You know your way around computers. However, if you want to succeed in this role you recognize yourself in the following:
- Experience in Information Security or related IT roles.
- Demonstrable experience performing incident response and IT forensic investigations.
- Strong analytical ability and attention to detail coupled with a broad understanding of all stages of Information Risk Management framework development.
- Understanding of monitoring tools such ArcSight, Splunk (ES), Network monitoring tools, IDS systems and Incident Response tools.
- Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)
- Relevant certifications such as, CISSP, SANS and preferably:
- GCIH: GIAC Certified Incident Handler
- GCIA: GIAC Certified Intrusion Analyst
- GCFA: GIAC Certified Forensic Analyst
- GREM: GIAC Reverse Engineering Malware
- Offensive Security Certified Professional – OSCP Certification
- Offensive Security Wireless Professional – OSWP Certification
- Offensive Security Certified Expert – OSCE Certification
- Offensive Security Exploitation Expert – OSEE Certification
- Offensive Security Web Expert – OSWE Certification
- Basic to Moderate knowledge of malware operation and indicators, of current threat landscape (threat actors, APT, cyber-crime, etc)
- Basic to Moderate protocol analysis experience (Wireshark, RSA Netwitness, etc.)
- Basic knowledge and experience of Data Loss Prevention monitoring, scripting, forensic techniques and audit requirements (PCI, HIPPA, SOX, etc.)
Shell is a company with shared values. Honesty, integrity, and respect aren’t simply a strapline: they are a part of everything we do. What’s more, Shell is an equal opportunities company, and we place the highest possible value on the diversity of our people and our inclusive approach.
Join us and you’ll belong to a world where you can feel pride in your achievements and propel your career with global opportunities
We care deeply about fostering a truly diverse workplace. We believe in doing everything we can to make Shell as flexible, appealing and supportive a place for women to work as possible. And we’ve retained our title as a top employer for women in the Times again in 2016.
We help with things like our formal (and informal) flexible working. Like our global and transparent pay policies backed by leadership team fully supportive of our diversity ambitions. And we’ll help foster your career through our Women’s Career Development programme and our extensive Women’s Network.
People with an impairment
At Shell, we’re all about top talent. End of story. We want to encourage those of you who may face an impairment to regard Shell as a place where you’ll be fully supported to grow and develop your career. It’s as simple as that.
If you’d like to apply, just let us know about your circumstances. We can support you throughout the process. From application, to interview, to your first day of a rewarding career with us.
No. of Positions
Please note: We occasionally amend or withdraw Shell jobs and reserve the right to do so at any time, including prior to the advertised closing date.
Before applying, you are advised to read our data protection policy. This policy describes the processing that may be associated with your personal data and informs you that your personal data may be transferred to Royal Dutch/Shell Group companies around the world.
The Shell Group and its approved recruitment consultants will never ask you for a fee to process or consider your application for a career with Shell. Anyone who demands such a fee is not an authorised Shell representative and you are strongly advised to refuse any such demand.
Shell is an Equal Opportunity Employer.
Apply online via the ‘Apply’ button. Click here to apply!
Agency calls not appreciated.