Cyber Security Specialist

About CRH

We are CRH, and we are committed to contributing to a more resilient and sustainable built environment. We understand the wider impact our businesses can make in supporting human activity. We continue to do this through the delivery of unique, superior building materials and products for use in road and critical utility infrastructure, commercial building projects and outdoor living solutions.

CRH (NYSE: CRH, LSE: CRH) is the leading provider of building materials solutions that build, connect and improve our world. Employing c.78,500 people at c.3,390 operating locations in 28 countries, CRH has market leadership positions in both North America and Europe. As the essential partner for transportation and critical utility infrastructure projects, complex non-residential construction and outdoor living solutions, CRH’s unique offering of materials, products and value-added services helps to deliver a more resilient and sustainable built environment. The company is ranked among sector leaders by Environmental, Social and Governance (ESG) rating agencies. A Fortune 500 company, CRH’s shares are listed on the NYSE and LSE.

Without you noticing our products, we are everywhere you live, work, and relax.

Our project portfolio includes some of the most sustainable and cutting-edge building projects around the world. Think of the asphalt on the Silverstone Grand Prix Circuit, the Paris Metro Rail project, but also the Louis Vuitton Museum in Paris, parts of the Burj Khalifa, and the Kennedy Space Centre.

Position Overview
The Cyber Security Specialist will ensure to minimise the risk for CRH, both monetary and reputational, due to potential cyber security threats.

It is a pivotal role as it requires daily engagements between GIS (Group Information Security), OpCos (Operating Companies) and vendors who are supporting our security systems. The role will protect the organisation’s critical assets against any kind of cyber threat. Its purpose is to avoid, resist and respond to probable threats. This individual is also responsible for the ensuring successful remediation of technology vulnerabilities which could be exploited by an internal or external actor to gain unauthorized access to computer systems and data. Responsible for the validation of remediation steps taken to minimise threats, which have been mitigated by the IT Ops Teams.

Key Tasks and Responsibilities
In this role, you will be:

• Responsible for owning an area of Europe and the Operating Companies within that to build relationships to identify security issues & risks, and develop mitigation plans
• Able to write accurate and concise reports
• Involved in developing and implementing security baselines and hardening procedures for servers, databases, and network devices
• Working with existing and new security solutions such as End-Point Protection, Firewalls, Encryption, Proxy, SIEM
• Developing, improving & Enforcing security policies and procedures
• Responsible for reviewing security violation reports and investigates possible security exceptions
• Updating, maintaining and documenting security controls
• Participating in security operations support - Following up on information security related incidents
• Performing Patch & Vulnerability Management (Qualys)
• Identifying and advising on external risk (Bitsight)
• Participating in projects
• Consistently implementing security solutions at the business unit level
• Testing new security measures
• Advising and training colleagues

Travel expectations: Limited travel (10-20%) is expected in this role – must be free to travel worldwide

Key Functional Competencies
You possess the following:

• Drive and energy to achieve desired results
• Strong IT skills and knowledge including hardware, software and networks
• Meticulous attention to detail
• Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems
• Ability to identify the best course of action based on the risk

Experience / Education
You are/have:

• Fluency in both speaking and writing English
• Third Level qualification (or equivalent) in information technology, Information Security or Engineering
• CISSP, CCSP, GCIH, GIAC (SANS), CCNP, Splunk certificates and / or other relevant security/Network type engineering certifications
• Experience of analysis and correlation toolsets. Including data extraction and manipulation for reporting and investigation purposes
• Experience of hardening and applying modern security standards across servers, workstations, SaaS-based solutions and network equipment
• Experience of administering enterprise endpoint and network security tools and platforms across enterprise networks consisting of Windows, OSX, and Linux endpoints
• Administration of Networking, and/or Linux & Windows environments would be advantageous
• Experience with Microsoft Azure Security Tools would be beneficial
• Knowledge of NIST 2.0 CSF would be beneficial

What CRH Offers You

A culture that values opportunity for growth, development, and internal promotion

Highly competitive salary package

Comprehensive secondary benefits

Significant contribution to your pension plan

Health and wellness programs, including an on-site gym and fitness classes

Excellent opportunities to develop and progress with a global organization

Connect your future to CRH

We are curious to learn more about you. At CRH, we believe our mutual differences contribute to the healthy, productive, and enjoyable workspace we create. Please introduce yourself and send us your application.

CRH finds it important that vacancies are shared to individuals that may find them interesting and/or could be suitable for the role.

CRH is an equal opportunity employer. We are committed to creating an inclusive work environment for all employees and actively encourage applications from all sectors of the community.

Benefits/perks listed above may vary depending on the nature of the employment with CRH and the country where you work.

Please note that we cannot accept any applications submitted through email for GDPR purposes. Candidates must apply through our job portal.

We do not accept candidate introductions for this position from recruitment agencies, unless you have been instructed to do so by our recruitment team.