Specialist, Cyber Security Operations

Date: 4 Jun 2025

Location: Tucson, AZ, US, 85718

Company: South32 Group Operations Pty. Ltd.

Discover a Brighter Future 

At South32, we’re meeting the challenge of enabling a sustainable future through our focus on responsibly producing commodities critical for a low-carbon world.
 

As a collaborative, caring and inclusive company, there’s no better place to make a genuine difference. Together we’re making a positive, global impact that has the potential to change lives.

 
Whatever career path you choose, we’ll support you every step of the way to learn, grow and succeed. So join us, step towards a brighter future and leave your legacy.
 

ABOUT Hermosa

Hermosa, located approximately 75 miles south-east of Tucson, Arizona, is the only advanced mining project in the United States as of 2023 that could produce two federally designated critical minerals—manganese and zinc—as well as silver and lead. The project has the potential to help power the nation’s clean energy future, strengthen the domestic supply chain of critical minerals, grow the local economy, and improve lives in Santa Cruz County and the surrounding community for generations to come.

 

ABOUT Hermosa

Hermosa, located approximately 75 miles southeast of Tucson, Arizona, is the only advanced mining project in the United States to date that can produce two minerals designated as critical by the federal government: manganese and zinc, as well as silver and lead. The project has the potential to help drive the country's clean energy future, strengthen the national supply chain of essential minerals, grow the local economy and improve the quality of life in Santa Cruz County and the surrounding communities for generations to come.

 

WHAT SOUTH32 OFFERS

  • Annual short-term incentive bonus that recognizes both your individual performance and the overall success of the business.
  • When you choose to contribute more into your retirement savings, South32 will match it up to a certain percentage.
  • South32 provides you with 4 weeks paid time off.
  • 12 weeks full-paid parental leave for primary carers and 2 weeks full-paid parental leave for secondary carers
     

ABOUT THE ROLE 

As a Cyber Security Operations Specialist, you will support the successful delivery of cyber security operations services, to detect and respond to threats as part of a global Security Operations team. 

You will have autonomy in your role to perform security monitoring, investigation, triage, incident response, recovery, remediation as well as proactive planning, and threat hunting activities. The role will focus on end-to-end coverage of cyber security threats affecting IT and OT/ICS environments in collaboration with domain specialists across the Cyber Security team and broader Digital Technology department.

This role will report directly to the Lead Cyber Security Operations, working within the Security Operations team and collaborating closely with the Operations and broader Digital Technology team. This is a hybrid role based in Tucson, Arizona.

 

Other key responsibilities include, but aren’t limited to: 
Individual accountabilities:

  • Manage day-to-day Cyber Security Operations activities including event and incident logging, monitoring, and SIEM platform administration
  • Conduct threat analysis and triage activities to identify security incidents and breaches across IT and OT environments
  • Conduct investigations into cyber security incidents and support the response to cyber security incidents by developing and implementing response plans, coordinating with key stakeholders and business representatives
  • Support and conduct routine threat and vulnerability management activities
  • Support the maintenance and tuning of endpoint protection solutions across the organization
  • Support the configuration and management of data and information protection controls
  • Conduct and support asset discovery across IT and OT/ICS environments
  • Communicate cybersecurity threats and incidents to key stakeholders across the business
  • Conduct Security Risk Assessments in the Americas in collaboration with the Cybersecurity Governance, Risk and Compliance team.

Key shared responsibilities: 

  • Contribute to design, architecture and engineering of security operations (Use-Cases, Playbooks etc.)
  • Support and execute threat hunting campaigns
  • Support the delivery of key cybersecurity initiatives that uplift the function's capability
  • Assess and analyze cyber security threat intelligence, emerging cyber threats, and technology to ensure the organization's detection and protection controls are effective 
  • Act as an internal subject matter expert for security monitoring and incident response
  • Continue learning and development and conduct knowledge transfer within the Cyber Security team
  • Identify non-compliance to cyber security policies, standards, procedures and guidelines

ABOUT YOU 

  • Bachelor's Degree in Cybersecurity, Information Technology or STEM
  • Minimum 3 years of practical experience in a Cybersecurity Operations environment, including proven expertise in security monitoring and incident response activities
  • Cyber security related certifications/qualifications desirable
  • Experience in IT / cyber security service delivery within the ITIL framework 
  • Familiarity with ICS/SCADA systems, and securing OT environments
  • Proficiency in SIEM tools and solid understanding of SOC practices
  • Familiarity with Microsoft’s security tools
  • Comprehensive understanding of network security, including in-depth knowledge of network protocols and intrusion prevention/detection systems
  • Working knowledge of leading cyber security frameworks such as MITRE ATT&CK, NIST or ISO27001
  • Ability to communicate technical issues to individuals who may not have a technical or security background
  • Experience in the areas of Threat & Vulnerability Management, Data Loss Prevention strategies, and network security (experience with Firewall / network appliances policy review desirable)
  • Experience in cloud network security configuration and monitoring techniques
  • Experience with Threat Modelling and Hunting
  • Understanding of security and technology operations across a broad range of enterprise technologies
  • Understanding of risk or cyber-risk management frameworks involving cyber-risk identification, evaluation and mitigation.
  • Experience in conducting cybersecurity risk assessments
  • Experience in cybersecurity governance and compliance practices
  • Bilingual in Spanish preferred

South32 is committed to building and maintaining an inclusive and diverse workforce that reflects the communities in which we operate.  We provide a recruitment process that is fair, equitable and accessible for all and we encourage candidates from all backgrounds to apply.

 

South32 is committed to building and maintaining a diverse and inclusive workforce that reflects the communities in which we work. We provide a recruitment process that is fair, equitable and accessible to all, and we encourage applications from candidates of all backgrounds.


Nearest Major Market: Tucson