Would you like to make a difference in our ICS/OT Cyber Security?
Do you relish opportunities to create improvements and promote operational efficiencies?
Join our Nexus Controls Team
Baker Hughes Nexus Controls offers a plant-wide, holistic suite of control system and machine condition monitoring and protection hardware, software, and services that help achieve the highest level of asset reliability possible. Our Team supports the supply chain management.
Partner with the best
You will be responsible for all Site Commissioning of industrial cybersecurity solutions, including installation supervision of the cyber system, commissioning of cyber products, Site acceptance test, and closure of punch list. This role also includes delivering internal and external training. This position will assist in developing client-specific cybersecurity roadmaps which can be converted into potential opportunities.
As an ICS/OT Lead Cyber Security Field Engineer you will be responsible for:
Site Commissioning of industrial cybersecurity solutions includes installation supervision of the cyber system, commissioning of cyber products, Site acceptance test, and closure of punch list.
Deliver cybersecurity awareness and advanced training programs to clients.
Deliver cybersecurity internal training for Nexus Controls services engineers
Drive industrial cybersecurity knowledge growth within the Services organization. This shall include training the services junior staff, and providing remote assistance to junior engineers during commissioning.
Knowhow in the following topics:
Virtualization (Microsoft HyperV, VMWare)
Active Directory with expertise in creating, modifying, and troubleshooting hardening and access control policies
Public Key Infrastructure and Certificate Authority design and implementation
End Point Security with the ability to deploy, remove, modify the configuration, and troubleshoot problems, especially with McAfee and Trend Micro
Disaster Recovery solutions with centralized backup and restore infrastructure
SIEM solutions with the ability to work with SQL DBs, modifications of visibility dashboards, correlation scripts, and display graphs
Patch management solutions for centralized patching and deployment especially in a multitenant network infrastructure
Network Intrusion Detection and Protection design, implementation, and troubleshooting
Anomaly and Breach Detection solutions design, implementation, and troubleshooting
Network Security design for zoning and segmentation using VLANs, subnets, Filters, and unidirectional appliances
Network and Security scanning expertise
Network design analysis (OSI Model, ISA 99 Asset Classification
Review the RFQ for new opportunities, assist in technical solution development, risk review, and provide services solutions which include the scoping of services estimation, resources requirement, etc
Tain the activities related to of Run-&-Maintain of recently commissioned industrial cybersecurity solutions
Perform security vulnerabilities, obsolescence, and other risks at the client\xe2\x80\x99s hardware & software assets
Reviewing network architectures and determining if good practices are being followed (e.g., the \xe2\x80\x9czones & conduits\xe2\x80\x9d concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with an applicable cybersecurity framework
Reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properly
Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with an applicable cybersecurity framework
Reviewing administrative, technical, and physical security controls and providing guidance to mitigate the identified security risks
Creating detailed documents(e.g., architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projects
Understanding on HMI
Required Qualifications
Bachelor\'s degree from an accredited university or college (or a high school diploma / GED with at least 4 years of experience in Services). Minimum of 3 additional years of experience in Resource Management.
Global Information Assurance Certificate (GIAC) (e.g., GICSP)
Degree in Engineering (Electrical, Instrumentation, Computer Science, or similar scientific/technical field)
Strong understanding of cybersecurity frameworks for Integrated control systems and Operational technology (ICS/OT) environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.)
Strong understanding of OT network communication protocols (e.g., Ethernet/IP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.)
A minimum of five (5) years of \xe2\x80\x9chands-on\xe2\x80\x9d experience deploying, assessing, designing, and implementing ICS/OT solutions.
Working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.)
Prior experience in Control Systems in the power generation or Oil and Gas industry.
Desired Characteristics:
Certified Information Systems Security Professional (CISSP)
Know-how of Local frameworks knowledge is an added preference (CERT-IN [India], NCA OTCC [KSA], NESA [UAE], QNISS [Qatar], AER [Oman], etc)
Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53)
Ability to perform vulnerability/penetration testing in ICS/OT environment, and/or threat hunting
Industry experience in Food and Beverage, Chemical, Pharma, Semiconductor, Water & Wastewater, Refining, Pulp and Paper, Electrical Transmission & Distribution, Material Handling, and/or Packaging
A willingness to go beyond the ordinary to meet and exceed client expectations
Ability to function in a multi-time zone region with customers from multiple backgrounds and different cybersecurity maturity levels
Ability to function within a global organization with a focus on a region covering the Middle East, Africa, Turkey, Pakistan, and India.
A desire for continual challenge and development
Excellent written and verbal communication skills
Willingness to travel 80% of the time to clients\xe2\x80\x99 sites.
Work in a way that works for you
We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:
For some sites, working remotely for remote support can be enabled (up to 5 days a week) with prior manager approval.
Working with us
Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other.
Working for you
Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:
Contemporary work-life balance policies and wellbeing activities
Comprehensive private medical care options
Safety net of life insurance and disability programs
Tailored financial programs
Additional elected or voluntary benefits
About Us
With operations in over 120 countries, we provide better solutions for our customers and richer opportunities for our people. As a leading partner to the energy industry, we\'re committed to achieving net-zero carbon emissions by 2050 and we\'re always looking for the right people to help us get there. People who are as passionate as we are about making energy safer, cleaner and more efficient.
Join Us
Are you seeking an opportunity to make a real difference in a company with a global reach and exciting services and clients? Come join us and grow with a team of people who will energize and inspire you!