Cybersecurity Analyst
At Air Products, our purpose is to bring people together to reimagine what's possible, collaborate and innovate solutions to the world's most significant energy and environmental sustainability challenges. Grow with us as we embark on building tomorrow together by being the safest, most diverse and most profitable industrial gas company in the world.
Reimagine What's Possible
JOB SCOPE
Internal Contacts:
External Contacts:
• Cybersecurity Director
• Cybersecurity GRC Manager
• Cybersecurity Team
• IT / OT Team
• Internal Auditor, and
• Any other JIGPC Departments if required
• Contractors
• Suppliers and Vendors
• Consultants
• External Auditors
• External Support Groups
• Government Entities
PRINCIPAL DUTIES AND RESPONSIBILITIES
1.Participate in Cybersecurity Governance, Risk and Compliance (GRC) systems and activities, including the development, maintenance, support and improvement of Cybersecurity policies, processes, procedures and other documents.
2.Prepare and provide regular Cybersecurity GRC Reports and Metrics (Weekly, Monthly, Quarterly, Yearly, Ad Hoc, etc.).
3.Conduct Cybersecurity Risk Management, including Risk Assessments of JIGPC's Information assets and services, and work with the Risk Owners to mitigate the Risks through appropriate Cybersecurity Controls.
4.Develop, maintain, and perform regularly update to Cybersecurity Risk Register and contribute towards Cybersecurity improvements.
5.Perform Compliance Management for JIGPC's Policies, Procedures, applicable Regulations (MoE, NCA and HCIS) as well as Standards and Audit recommendations.
6.Provide support to the users of the Cybersecurity GRC systems.
7.Operate a Cybersecurity Awareness Program consisting of Cybersecurity related training and awareness sessions, Phishing awareness and Tests and Cybersecurity Announcements, etc.
8.Ensures an organization's cybersecurity program complies with applicable requirements, policies and standards.
9.Develops, updates, and maintains cybersecurity policies and procedures to support and align with an organization's cybersecurity requirements.
10.Perform any task not mentioned with similar job nature
11.Perform any other duties assigned by the Head Cybersecurity Specialist or Director.
REQUIREMENTS
We are the world's largest hydrogen producer with over 80 years of industrial gas experience. We are hydrogen and industrial gas experts delivering safe, end-to-end solutions, investing in real, clean energy projects at scale, and driving the industry forward to generate a cleaner future.
At Air Products, we work in an environment where we put safety first, diversity is essential, inclusion is our culture, and each person knows they belong and matter. To learn more, visit About Air Products.
Reimagine What's Possible
JOB SCOPE
- Ensure the performance, security, and reliability of JIGPC's Cybersecurity GRC activities and applications.
- Monitor and report on Governance and Compliance of JIGPC's Cybersecurity policies, procedures, applicable regulations, and standards as well as Audit reports.
- Identify and document Cybersecurity related Threats, Vulnerabilities and Risks and work with the relevant Stakeholders to implement appropriate Cybersecurity controls for their mitigation.
- Develop and maintain organizational cybersecurity policies. Governs cybersecurity structures and processes, manages cyber risks, and assures compliance with the organization's cybersecurity, risk management and related legal requirements.
- Control the execution and implementation of Cybersecurity GRC related projects.
- Guarantee Quality of Work and deliverables.
Internal Contacts:
External Contacts:
• Cybersecurity Director
• Cybersecurity GRC Manager
• Cybersecurity Team
• IT / OT Team
• Internal Auditor, and
• Any other JIGPC Departments if required
• Contractors
• Suppliers and Vendors
• Consultants
• External Auditors
• External Support Groups
• Government Entities
PRINCIPAL DUTIES AND RESPONSIBILITIES
1.Participate in Cybersecurity Governance, Risk and Compliance (GRC) systems and activities, including the development, maintenance, support and improvement of Cybersecurity policies, processes, procedures and other documents.
2.Prepare and provide regular Cybersecurity GRC Reports and Metrics (Weekly, Monthly, Quarterly, Yearly, Ad Hoc, etc.).
3.Conduct Cybersecurity Risk Management, including Risk Assessments of JIGPC's Information assets and services, and work with the Risk Owners to mitigate the Risks through appropriate Cybersecurity Controls.
4.Develop, maintain, and perform regularly update to Cybersecurity Risk Register and contribute towards Cybersecurity improvements.
5.Perform Compliance Management for JIGPC's Policies, Procedures, applicable Regulations (MoE, NCA and HCIS) as well as Standards and Audit recommendations.
6.Provide support to the users of the Cybersecurity GRC systems.
7.Operate a Cybersecurity Awareness Program consisting of Cybersecurity related training and awareness sessions, Phishing awareness and Tests and Cybersecurity Announcements, etc.
8.Ensures an organization's cybersecurity program complies with applicable requirements, policies and standards.
9.Develops, updates, and maintains cybersecurity policies and procedures to support and align with an organization's cybersecurity requirements.
10.Perform any task not mentioned with similar job nature
11.Perform any other duties assigned by the Head Cybersecurity Specialist or Director.
REQUIREMENTS
- Minimum Qualifications (degree, training, or certification required)
- Degree: Bachelor's Degree in Cybersecurity, Information Security, Computer Science or equivalent.
- Certifications: GRC and Cybersecurity related certifications (e.g. Security+, CISSP, CISA, CRISC, CISM, CEH, GIAC, SSCP, etc.) preferred.
- Training and other requirements:
- Robust knowledge of Cybersecurity regulations, standards, and controls.
- Strong understanding of IT / Cybersecurity Governance, technologies, and services.
- Expertise in preparing and analyzing GRC and Cybersecurity reports.
- Experience in IT / Cybersecurity Audit / Compliance / Regulatory discussions.
- Minimum Experience (Technical, functional, and/or leadership experience required)
- One to Two (1 - 2) years of IT GRC / Cybersecurity GRC / Information Security related work experience.
- Job Specific Skills (Key functional, leadership, or business skills required)
- Awareness of latest IT GRC / Cybersecurity GRC trends and techniques.
- Ability to identify Cybersecurity related Risks and their corresponding controls.
- Ability to work under pressure in a fast-paced environment and meet tight deadlines.
- Ability to work successfully in both individual and team settings.
- Strong critical thinking, problem-solving, logic, and forensics skills.
- Demonstrated capacity to learn, intellectual honesty and independent thinking.
- Strong interpersonal communication skills.
- Strong verbal and written communication skills in English.
We are the world's largest hydrogen producer with over 80 years of industrial gas experience. We are hydrogen and industrial gas experts delivering safe, end-to-end solutions, investing in real, clean energy projects at scale, and driving the industry forward to generate a cleaner future.
At Air Products, we work in an environment where we put safety first, diversity is essential, inclusion is our culture, and each person knows they belong and matter. To learn more, visit About Air Products.
JOB SUMMARY