Senior Cyber Vulnerability Engineer - Amsterdam/Dublin

Country: Netherlands 
City: Amsterdam 
Req ID: 475956

About CRH 

We are CRH, and we are committed to improving the building environment. We understand the wider impact our businesses can make in supporting human activity through the delivery of superior building materials and products for use in buildings, roads, public spaces, infrastructure, and other construction areas. 

CRH (LSE: CRH, ISE: CRG, NYSE: CRH) is the leading building materials business in the world, employing c.73,000 people at c.3,200 operating locations in 29 countries. It is the largest building materials business in Europe and North America, with regional positions in Asia. 

Without you noticing our products, we are everywhere you live, work, and relax. 

Our project portfolio includes some of the most sustainable and cutting-edge building projects around the world. Think of the asphalt on the Silverstone Grand Prix Circuit, the Paris Metro Rail project, but also the Louis Vuitton Museum in Paris, parts of the Burj Khalifa, and the Kennedy Space Centre. 

Learn more about us through the following Link.  

Position Overview 

CRH is looking for a Senior Cyber Vulnerability Engineer. The Senior Cyber Vulnerability Engineer is a pivotal role as it requires daily engagements between GIS (Group Information Security), OpCos (Operating Companies) and vendors who are supporting our security systems.  The role will protect the organisation’s critical assets against any kind of cyber threat. Its purpose is to avoid, resist and respond to probable threats. This individual is also responsible for the ensuring successful remediation of technology vulnerabilities which could be exploited by an internal or external actor to gain unauthorized access to computer systems and data. Responsible for the validation of remediation steps taken to minimise vulnerabilities and threat, which have been mitigated by the IT Ops Teams.

The Senior Cyber Vulnerability Engineer will ensure to minimise the risk for CRH, both monetary and reputational, due to potential cyber security threats.

The Senior Cyber Vulnerability Engineer is responsible for the ensuring successful identifying security vulnerabilities that could be exploited by an internal or external actor to gain unauthorized access to computer systems and data. Responsible for the validation of remediation steps taken to minimize vulnerabilities and threat, which have been mitigated by the IT Ops Teams and other teams.

Key Tasks and Responsibilities

In this role, you will:

• Be responsible for Identifying security issues and risks, and develop mitigation plans
• Be responsible for developing and implementing security baselines and hardening procedures for servers, databases, and network devices
• Work with existing and new security solutions such as End-Point Protection, Firewalls, Encryption, Proxy, SIEM
• Be developing, improving & Enforcing security policies and procedures
• Be responsible for reviewing security violation reports and investigates possible security exceptions
• Update, maintain and document security controls
• Implement, support, and evaluate security-monitoring tools
• Evaluate and recommend new and emerging security products and technologies
• Participate in security operations support
• Patch & Vulnerability Management (Qualys)
• Follow up on information security related incidents
• Automation of existing auditing solutions
• Participate in projects
• Consistent implementation of security solutions at the business unit level
• Travel expectations: Limited travel (10-20%) is expected in this role

Key Functional Competencies and Relevant Experience

You are/are capable of:

• Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Managing the Managed Service Provider regarding IT security matters
• Experience in Microsoft Azure, Office365 and security tooling
• Working with (Cloud) Identity Management Solutions is a pro (such as OKTA)
• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.

Your Education and Experience

You are/have:

• Minimum 7 years ITIL-based Service Management in a business-to-business environment
• At least 5 years of experience in infrastructure or application-level vulnerability testing
• At least 7 years of system, network and/or application security experience
• Fluency in both speaking and writing English
• Knowledge of Mitre ATT&CK and NIST CSF
• Third Level qualification (or equivalent) in information technology, Information Security or Engineering.
• CISSP, CCSP, GCIH, GIAC (SANS), CCNP, Splunk certificates and / or other relevant security/Network type engineering certifications.
• Experience or exposure to Network equipment such as Firewalls. switches, routers
• Experience of log collection, analysis and correlation toolsets. Including data extraction and manipulation for reporting and investigation purposes
• Experience of deploying and configuring perimeter defence mechanisms and facilities
• Experience of modern networking and web related protocols (e.g., TCP, UDP, IPSEC, HTTP response codes & methods, REST API basics, etc.)
• Experience of hardening and applying modern security standards across servers, workstations, SaaS-based solutions and network equipment
• Experience of applying cryptographic controls (public/private keys, TLS certificates, PKI, etc.)
• Experience of administering enterprise endpoint and network security tools and platforms across enterprise networks consisting of Windows, OSX, and Linux endpoints
• Administration of Networking, and/or Linux & Windows environments would be advantageous
• Experience with O365 administration would be beneficial

What CRH Offers You  

• A culture that values opportunity for growth, development, and internal promotion  

• Highly competitive salary package 

• Comprehensive secondary benefits 

• Significant contribution to your pension plan  

• Health and wellness programs, including an on-site gym and fitness classes 

• Excellent opportunities to develop and progress with a global organisation  

Connect your future to CRH 

We are curious to learn more about you. At CRH, we believe our mutual differences contribute to the healthy, productive, and enjoyable workspace we create. Please introduce yourself and apply for this great opportunity. 

Is this role not for you, but do you know someone who is a perfect fit? Please let us know: careers@crh.com. 

CRH is an equal opportunity employer. We are committed to creating an inclusive work environment for all employees and actively encourage applications from all sectors of the community. 

Benefits listed below may vary depending on the nature of the employment with CRH and the country where you work.