OT Senior Security Engineer

Help AG is looking for a talented and experienced Resident Consultant (OT Cybersecurity Engineer) who will be responsible for providing technical support, administration, and maintenance necessary for OT Cybersecurity Services for the Company's Operational Technology (OT) and OT-IT integration. This role will play a key part in operating and maintaining cybersecurity infrastructure and OT Cybersecurity controls based on the approved OT Cybersecurity Policies, Standards, process, procedures and guidelines. The objective is to ensure the availability, integrity, and secure operations of the company's Operation Technology/Industrial Automation & Control Systems and mission critical systems from emerging cybersecurity threats by focusing into three job specific accountabilities:

• Operate and Maintain [OM]
• Protect and Defend [PR]
• Securely Provision [SP]
  
  
  

Responsibilities

• Provide the support, administration, and maintenance necessary to ensure effective and efficient of OT/ICS Cybersecurity systems performance and availability.
• Perform asset management/inventory of OT cybersecurity resources and it is supported infrastructure resources.
• Perform system administration on specialized cyber defence tools and supported infrastructure for OT/ICS environment (e.g., antivirus, application whitelisting, firewalls, IPS/IDS, Data Diodes, secure file transfer, passive security monitoring) to include installation, configuration, maintenance, backup, and restoration as per operational procedures.
• Administer accounts, network rights, and access to OT/ICS Cybersecurity systems and equipment.
• Adhere to company OT cybersecurity metrics and OT Cybersecurity KPIs.
• Maintain security baseline configuration for OT/ICS Cybersecurity Systems and supported infrastructure according to organizational policies and operational standards.
• Assist and support OT/ICS systems custodians to apply the applicable security baseline configuration on OT/ICS systems.
• Patch OT/ICS Cybersecurity systems and infrastructure vulnerabilities and update security contents to ensure reliability and safeguarded against known threats.
• Continuously monitor OT/ICS Cybersecurity systems and supported infrastructure availability, functionality, integrity, efficiency, capacity, and performance.
• Conduct periodic system maintenance including health check, configuration review, access and permission review, functionality, and effectiveness testing on OT/ICS Cybersecurity systems and supported infrastructure as per the defined standard.
• Troubleshoot, diagnose, and resolve reported OT/ICS Cybersecurity services incidents, problems, and events as per the SLA.
• Participate in diagnosing network connectivity problem within OT/ICS environments.
• Maintain documentation for all OT/ICS Cybersecurity systems security implementation, standard operating procedures, and maintenance activities and update as necessary.
• Coordinate all actions with OT systems custodians to ensure the sustenance of OT Cybersecurity solutions.
• Plan and recommend modifications or adjustments based on exercise results or system environment.
• Identify, analyze, and mitigate cybersecurity threats to Operation Technology (OT) systems and/or networks.
• Uses defensive measures and information collected from defence tools (e.g., IDS alerts, SIEM alerts, firewalls, network traffic logs) to identify, analyse, and report events that occur or might occur within the network and participate in preparing a standard remedial plan of actions to protect OT systems, and networks from threats.
• Implement system security measures to resolve vulnerabilities, mitigate risks and recommend security changes in accordance with established procedures and standards to ensure production continuity, resilience, and safety of OT/ICS Systems.
• Examine network topologies to understand data flows through OT/ICS network and interfaces between OT/ICS networks and systems.
• Work with stakeholders to resolve computer security incidents and vulnerability compliance within OT/ICS networks.
• Coordinate with OT systems custodians to assure collecting of information security data sources from OT systems and networks for Cybersecurity monitoring.
• Monitor external data sources (e.g., cyber defence vendor sites, Computer Emergency Response Teams, Security Focus. Etc) to maintain currency of OT/ICS cyber defence threat condition and determine which security issues may have an impact on the OT/ICS systems.
• Apply signatures/IOCs on cyber defence network tools in response to new or observed threats from advisories within the applicable OT/ICS network environment or enclave.
• Conceptualizes, designs, and procures Operation technology (OT) systems and networks, with responsibility for Cybersecurity aspects.
• Support OT/ICS projects life cycle from Cybersecurity perspective by defining OT Cybersecurity requirements part of Design General Specification (DGS), Front End Engineering Design (FEED), Functional Design Specification (FDS), Detailed Design Specification (DDS) during EPC phase, Cyber Security Factory Acceptance Test (FAT), Cyber Security Site Acceptance Test (SAT), Site Integration Test (SIT), etc..
• Ensures that the stakeholder security requirements necessary to protect the organization's mission and operation processes in OT/ICS are adequately addressed in all aspects of architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and operational processes.
• Participate in design system security controls and measures in accordance with established procedures and standards to ensure Safety, integrity, availability, confidentiality, authentication, non-repudiation of OT/ICS Systems along with internal and external stakeholders.
• Technical lead for implementation and assessment of OT cybersecurity solutions to meet organizational requirements.
• Participate in review OT/ICS cybersecurity technical specifications and technologies selection to ensure compatibility and integrity with cybersecurity eco system and roadmap.
• Collaborate with HSE, Enterprise Risk, Emergency Response Center, Site's Control Operation Rooms and other Business and function units as technical advisor on OT/ICS Cybersecurity matters.
• Participate in the studies and research on the evaluation of emerging technologies, product offerings, third party services, etc..
• Participate in the creation and updates of OT Cybersecurity documentation (policies, standards, baselines, guidelines, procedures, etc.).
• Support Cybersecurity risk assessments, gap assessments and audits activities within OT/ICS environment.
• Facilitate the OT Security Incident response with relevant Cybersecurity incident response team.
• Mentor and guide new and emerging OT Cybersecurity engineers within the team.
• Plan, supervise and coordinate all activities in the assigned area to meet functional objectives.
• Train and develop the assigned staff on relevant skills to enable them to become proficient on the job and deliver the respective business objectives.
• Provide input for preparation of the Function / Division / Department / Section budgets, assist in the implementation of the approved Budget, and work plans to deliver business objectives.
• Investigate and highlight any significant variances to support effective performance and cost control.
• Implement approved Function / Division / Department / Section OT Cybersecurity policies, processes, systems, standards and procedures in order to support execution of the work programs in line with Company and International standards.
• Comply with all applicable legislation and legal regulations.
• Contribute to the achievement of the approved Performance Objectives for the Function / Division / Department / Section in line with the Company Performance framework.
• Design and implement new tools and techniques to improve the quality and efficiency of operational processes.
• Identify improvements in internal processes against best practices in pursuit of greater efficiency in line with best industry standards in order to define intelligent solutions for issues confronting the function.
• Comply with relevant HSE policies, procedures & controls and applicable legislation and sustainability guidelines in line with international standards and best practices.
• Daily report to indirect line manager at the site.
• Weekly Timesheet, Service Provider Management System.
• Preventive Maintenance activities and report for OT Cybersecurity Services, SAP as per the schedule in Monthly and Quarterly.
• Set Annual Objectives and Goals with direct and indirect line managers with monthly and quarterly progress reports.
  
  
  

Qualifications & Skills

• Bachelor's degree in Computer Science (IT), Computer engineering, Electronics Engineering, Automation Engineering, or a related technical field.
• 5-7 years of experience in IT Security systems with minimum 3 years in administrating and engineering Systems Security in OT/ICS environment with in-depth technical and business knowledge, spanning a range of system security hardware, software products and solutions.
• Or equivalent experience in OT process automation systems with minimum 3 years in operating, maintaining, or engineering in Industrial environment within Oil & Gas sector and 3 years in administrating and engineering Systems Security in OT/ICS environment with in-depth technical and business knowledge, spanning a range of system security hardware, software products and solutions.
• Exposure to industrial operations and production technologies covering Industrial Control Systems, SCADA/DCS systems (Yokogawa) and related cyber security technologies in the energy sector.
• Understand and troubleshoot fault areas in industrial automation and communication systems.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth, demilitarized zones, network segmentation).
• Knowledge of the range of existing OT systems (e.g., DCS, SCADA, PLC, Instruments) HW.
• Knowledge of Industrial network topologies, network redundancy protocols and industrial wireless technologies (e.g., FTE, ISA100 & Wireless HART).
• Knowledge of industrial application protocols and measures to secure them (e.g., OPC, Modbus, PROFINet, Vnet/IP, Ethernet/IP, DNP3 and fieldbus protocols).
• Knowledge of system administration, network, operating system and virtualization hardening techniques.
• Knowledge of different classes, types and stages of cybersecurity attacks targeting OT/ICS environments.
• Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., IEC62443, CIS CSC, NIST SP 800-53).
• Skill in configuring and utilizing network protection components (e.g., Firewalls, network intrusion detection systems, Data Diodes).
• Skill in configuring and utilizing software-based computer protection tools (e.g., host firewalls, antivirus, application whitelisting).
• Skill in conducting maintenance for OT/ICS Cybersecurity system and supported infrastructure.
• Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.
• Mandatory vendor-neutral professional certification:
• Global Industrial Cyber Security Professional (GICSP)
• ISA/IEC 62443 Cybersecurity Fundamentals Specialist
• Technology specific professional certificate to operate and maintain the deployed OT Cybersecurity systems. Technology specific professional certification is needed based on assigned responsibilities to the engineer by line manager.
• Cisco Certified Network Associate (CCNA)
• Cisco Certified Specialist – Cybersecurity Core
• Holding following certification would be plus:
• Vendor neutral Cyber Security Professional Certifications such as: CISSP, GCWN, GCIA, GDSA
• IT certifications in ITIL/ITSM, CCNA R&S, Virtualization Computing & Storage
• OT certifications from Automation Vendors technologies in DCS, SCADA, PLC Programming and Instrumentation
• Ability to Install, configure, update, upgrade and troubleshoot Cyber Security technologies:
• Data Diode / Uni-Directional Network Solutions: Waterfall Security
• Juniper SRX Firewalls
• FortiGate Firewalls
• Trellix: Endpoint Security (ENS), Application and Change Control, ePolicy Orchestrator
• Patching: Windows WSUS Patch Deployment
• Honeywell and/or Siemens DCS, Honeywell SCADA, Industrial Control Systems and Network experience and knowledge is preferred.
  
  
  

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.
  
  
  

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cybersecurity focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.