Job Title

Cyber Security OT Senior Analyst

Business

ENOC - SSC

Job Purpose

Preform and conduct OT assurance activities towards protecting the organization information assets and critical infrastructure. conduct technical OT cyber security assessments in addition to providing technical assurance capabilities that verify effectiveness of security controls and projects.

Principal Accountabilities

Operational

• conduct OT cyber security analysis of the technology environment to identify gaps and recommend solutions for improvement.
• Conduct OT architecture assessments from technical security point of view
• conduct evaluation and assessment of available OT tools and countermeasures to remedy the detected vulnerabilities and recommend best solutions and practices.
• Conduct reviews and Validations of OT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Preform cyber security review for systems development or acquisition projects related to OT environments
• Validate and verify OT systems security requirements definitions and analysis and established system security designs
• conduct periodic cyber security assessments of existing OT controls and the technology landscape within the Organization (vulnerability scanning, penetration testing and Red Teaming exercises).
• conduct configuration review of OT cyber security equipment.
• Assess and validate security configurations and access to security infrastructure tools, including firewalls, IPSs, Passive monitoring solutions and anti-malware/endpoint protection systems
• conduct secure security code review and dynamic security testing for applications related to OT environment.
• Conduct OT cyber threat modelling of services and applications that tie to the risk and data classification associated with the service or application

Stakeholder Management

• Build strong relationships and working collaboratively with internal/external stakeholders and customers to achieve objectives.

Experience

Education

• Degree: Bachelor\'s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
• MBA or Master\'s degree in computer science, engineering, information security is preferable.
• Required professional certifications: Professional certificate such as CISSP, CISM, OSCP, CEH, CISA, GSEC.

Experience

• 6+ years of Information Technology experience.
• 3+ years of relevant working experience.
• Working experience in multiple industries (e.g. Oil & Gas, Energy, Utilities, Retail, Government\xe2\x80\xa6) is preferable.
• Working experience in cyber security assurance.
• Working experience in cyber security assessments.
• Working experience in cyber security architecture review.

ENOC