Sr. Engineer, Security (Ref ID: 80a)

Next Decade

Next Decade

United States
Posted on Tuesday, July 2, 2024

ABOUT NEXTDECADE CORPORATION

NextDecade Corporation is an energy company accelerating the path to a net-zero future. Leading innovation in more sustainable LNG and carbon capture solutions, NextDecade is committed to providing the world access to cleaner energy. Through our subsidiaries Rio Grande LNG and NEXT Carbon Solutions, we are developing a 27 MTPA LNG export facility in South Texas along with one of the largest carbon capture and storage projects in North America. We are also working with third-party customers around the world to deploy our proprietary processes to lower the cost of carbon capture and storage and reduce CO2 emissions at their industrial-scale facilities.

NextDecade’s common stock is listed on the Nasdaq Stock Market under the symbol “NEXT.” NextDecade is headquartered in Houston, Texas. For more information, please visit www.next-decade.com.

SUMMARY OF THE ROLE

The Senior Security Engineer, reporting to the Director of Security, will be responsible for supporting the Company’s cybersecurity programs for its corporate networks, OT Networks, and cloud infrastructure, playing a critical role in safeguarding our organization’s digital assets and ensuring the integrity, confidentiality, and availability or our information systems. This position will lead the design, implementation, and maintenance of robust security solutions to protect our organization's infrastructure, applications, and data assets. This role requires expertise in various security technologies, strong analytical abilities, and a proactive approach to identifying and mitigating security risks.

As a Senior Security Engineer, you will play a critical role safeguarding out organization’s digital assets and ensuring the confidentiality, integrity, and availability of our information assets. You will be designing, implementing, and maintaining robust security solutions.

KEY RESPONSIBILITIES

The Senior Security Engineer reports to the Director of Security and will be responsible for supporting the Company’s cybersecurity programs for its corporate IT and OT networks, and cloud infrastructure. This position will identify and evaluate security risks within the organization and drive implementation of leading practices and solutions to mitigate exposures and manage cyber security risks.

Lead the design, implementation, and maintenance of enterprise-wide security solutions, including but not limited to:

  • Firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.
  • Endpoint security tools and technologies.
  • Identity and access management (IAM) systems.
  • Security information and event management (SIEM) platforms.
  • Encryption technologies and data protection mechanisms.
  • Cloud security solutions for public, private, and hybrid environments.
  • Operational Technology defense strategies and security solutions
  • Conduct regular security assessments and audits to identify vulnerabilities, assess risks, and recommend remediation measures.
  • Develop and enforce security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
  • Collaborate with cross-functional teams, including IT, development, and compliance, to integrate security requirements into the design and implementation of new systems and applications.
  • Monitor security alerts and incidents, investigate security breaches, and implement appropriate incident response measures to contain and mitigate threats.
  • Stay up-to-date on emerging security threats, vulnerabilities, and technologies, and make recommendations for continuous improvement of security posture.
  • Provide mentorship and guidance to other members of the security team, fostering a culture of knowledge sharing and professional development.
  • Generate regular security reports and dashboards to communicate key security metrics, trends, and incidents to management.

REQUIREMENTS

Minimum/preferred experience required for the position:

  • Minimum of 6 years of experience in information security roles, with a focus on security engineering and architecture.
  • Proficiency in configuring and managing security tools and systems, such as firewalls, IDS/IPS, SIEM, DLP, and antivirus solutions.
  • Experience with cloud security platforms (e.g., AWS, Azure, GCP) in a managed services environment.

Preferred knowledge, skills and abilities for the position:

  • In-depth knowledge of network security principles, protocols, and technologies, including TCP/IP, DNS, DHCP, SSL/TLS, IPsec, in additional to OT protocols such as: Modbus, DNP3 and Ethernet/IP.
  • Strong understanding of regulatory requirements and frameworks, such as ISA 62443, NIST Cybersecurity Framework, etc.
  • Excellent analytical, problem-solving, and communication skills, with the ability to translate technical concepts into business terms. Proven track record of successfully leading security projects and initiatives from conception to completion.
  • Quick learner and ability to forge ahead.
  • Build and Maintain Effective Relationships.
  • Develop Self and Others in areas of competency.
  • Good presentation skills.
  • Understanding of Operational Technology (OT) and HSSE is a plus

Required/preferred education:

  • Bachelor’s degree in Computer Science, Information Security, or a related field or relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

Work Environment

This position operates in a professional office environment with occasional work within or outside of a complex construction environment. This role routinely uses standard office equipment such as computers, phones, photocopiers/fax, filing cabinets, etc. This is primarily a sedentary role; however, the incumbent must be able to stand and/or sit continuously to perform all essential job functions for a full shift.

Able to meet the following physical demands of the job, with or without reasonable accommodations:

  • Ability to lift up to 20 lbs. as required in order to lift files, boxes and office equipment as necessary.
  • Ability to lift files, open filing cabinets and bending, standing on a stool, or climbing as necessary to perform these functions.
  • While performing the duties of this role, the incumbent may be required to talk or listen.
  • Visual acuity corrected to perform job functions. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.
  • The incumbent is required to stand, walk, use hands to handle or feel; and reach with hands and arms.
  • Ability to move throughout all areas of each office/site location and facilities.
  • Able to wear all necessary PPE equipment to perform job functions.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

*In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

NEXTDECADE VALUES

  • Safety – We make safety a priority. Everything we do relies on the safety of our people and the communities around us.
  • Integrity – We do the right thing, and are open, ethical, and fair. We hold ourselves to the highest standards in all that we do.
  • Honesty – We value truth and honesty in ourselves and others. We honor our commitments and take responsibility for our actions.
  • Respect – We listen, and respect people, the environment, and the communities in which we live and work.
  • Transparency – Transparency builds trust. We promote open communication with our people, our customers, and all our stakeholders.
  • Diversity – We value diversity of people and thought. It takes people with different strengths, ideas, and cultural backgrounds to make our company succeed.