Senior OT Security Engineer - ASAB site
- Full-time
- Department: Services - ITO
Company Description
CNS is a technology company that powers the future by providing digital solutions essential to support all enterprise and human development. While growing and managing a robust pool of supplier-partners for the benefit of our clients has always been a priority, we are constantly re-inventing ourselves.
Founded in 1987 with more than 30 years of experience, CNS employs over 320 employees including more than 250 certified engineers. We offer in-depth expertise and a range of best-in-class products that support the digital transformation of all major industries. With offices in three countries, we have an extensive reach into, and regional knowledge of the Middle East markets.
A shift into levering our many years of experience to develop pioneering software in-house will add yet another dimension to our highly innovative solutions-portfolio.
Job Description
Purpose:
To coordinate and facilitate the implementation of OT Security Solutions and maintain OT Security Assets to protect Customer Business Operations. Implement recommended Security technologies that will support security requirements for Customer business and protect OT assets.
Key accountabilities:
Responsible for working with automation vendor, control system SMEs and operational staff to design, implement and support the security of OT networked systems.
Responsible for OT security technologies such as diodes, industrial firewalls, switches.
Act as a liaison between site operations, corporate IT security teams and principal/automation vendors.
Develop, maintain security devices asset register and update its classification Profile.
Interface and coordinate with operations, telecom, maintenance, technical Engineering and related assurance functions to effectively perform the required job duties and responsibilities.
Work with the business integration lead(s) to identify technology specific requirements and assess new technologies for applicability
Duties & Responsibilities:
Support the maintenance & sustenance of the deployed OT security solutions
Monitor OT security events as part of continuous system security
Support security Assessments for evaluating compliance to OT Security Policy and regulatory compliance
Support the installation, troubleshooting, configuration and Maintenance of security devices/systems
Monitors logs generated by different OT assets and assists to detect attempts of unauthorized activities as per Customer OT policy
Member of the Process Control Security Incident Response team responding to OT Security Incident
Provide inputs to the method statements, Factory acceptance test (FAT) and Site Acceptance Test (SAT)
Supervise OT Security activities by 3rd Party Contractors / Vendors to be compliant with OT Security Policy and Procedures
Support the OT Security Awareness sessions for all employees handling OT assets
Perform backup of security configuration of Network devices such as switches, firewalls, etc.
Qualifications
Bachelor’s Degree in Electronics / Instrumentation Engineering or similar discipline
Hold at least one of the following certifications: GISCP, CISSP, CISA, ISO 27001 LA, ISA 62443 fundamentals
Experience working with any industrial control system OEM (Honeywell, GE, ABB, Yokogawa etc.)
Experience in working with Industrial Control System Cyber security projects
Experience in hardening and securing the Industrial control HMI and Engineering systems
OT
In depth understanding and expertise of operating systems, network/system architecture, and IT architecture design, operating system configuration, networking & security technologies (router, switch, firewall, active directory etc.).
Deep understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET) and ability to perform packet analysis
Understanding of threats, vulnerabilities, and exploits in OT environments and appropriate mitigation techniques
Working knowledge of IT / Cybersecurity Standards (NESA IAS, ISO 27001, ISA 62443, NIST, etc.).
Experience in installation and maintain security products, such as, firewalls, intrusion detection systems, anti-virus, Virtual Private Network, Security Information and Event management
Strong verbal/written communication skills to interact with team members, customers, management and support personnel
Experience Required:
A minimum of 5 to 7 years with Process Control Systems (DCS / SCADA) in design and implementation of Information Security Management System and Security frameworks.
At least 2 years’ experience in developing and implementing OT Security solutions with a control system OEM
Work Condition Physical Effort Work Environment
Minimal – regular walking, standing, and keyboard use for up to 80% of the work day.
➢ 100% at Site
Additional Information
- Competitive salary and benefits package.
- Opportunities for professional growth and development.
- Collaborative and innovative work environment.
- Access to cutting-edge technologies.