Job Description

2. WORK INCLUDED It is intended to provide a Senior Cyber Security Consultant for IT and Industrial Control Systems (Operation Technologies) within SA leading the Cybersecurity activities across the IT & OT domains, including but not limited to; primary point of contact to represent the SA for external regulatory engagements and for local business, technology risk stakeholders. Responsible to build, record, maintain and improve SA cyber risk posture in line with global standards and technology and apply technical expertise to maximize the cyber security in SA IT and OT systems. Summary of duties for the IT & OT Cyber Security as a key part of the CLIENT IT and Automation team: -

• 1. Develop a comprehensive industrial automation and control system security framework which will consist of set of policies and high-level procedures.
• 2. Review the existing policies, procedures with stakeholders and align them with the SA Cyber Security Management System (CSMS) framework. The developed CSMS should be in alignment with the Local regulations like AER and global standards and best practices like ISA 62443, NIST 80-82, NERC CIP.
• 3. Establish and govern the CSMS by defining and measuring metrics i.e. KPI's as applicable.
• 4. Maintain the evidences and build the cyber security compliance culture.
• 5. Establish and maintain communication channels with stakeholders as per the cybersecurity initiatives.
• 6. Develop and submit the compliance and annual reports to SA Management.
• 7. Develop a compliance checklist and tracker to manage the systems compliance.
• 8. Develop a road map to manage the cybersecurity capability and maturity management.
• 9. Implement and maintain the cyber risk management framework and program. Ensure the program is aligned to protect the SA IT & OT assets from cyber risks.
• 10. Develop and deliver Cyber Security Awareness Program to all SA employees and contractors.
• 11. Review and enhance third-party contracts from Information Security perspective and
• ensure they are compliant with Cyber Security standards.
• 12. Manage IT/OT asset 's vulnerability and apply appropriate remediations.
• 13. Ensure all the assets are hardened and security baseline configuration is applied.
• 14. Work closely with Cyber Insurance companies and brokers to achieve Cyber Security
• Insurance for SA.
• 15. Address security issue identified by internal/external audits and work with the business units to mitigate risk and apply compensating controls.
• 16. Work with the SA team to develop and review requirements for all hardware and software related to the cyber security and act as an advisor.

Qualification Minimum Qualification and Requirements

• 1. Bachelor's degree in Instrumentation & controls engineering, Electronics & Communications, Electrical Engineering, Computer Science or related technology driven degree.
• 2. At least 10 years of experience in Cyber Security inclusive of IT/OT Cyber Security Governance and Technical.
• 4. Cyber Security experience within energy or other industrial sectors will be preferred.
• 5. Requires strong interpersonal communications, organizational and written / verbal communication skills.
• 6. Working knowledge and understanding of ICS/OT systems including SCADA, PLCs, RTU, DCS, MES, Control system architectures.
• 7. Experience in design, implementation and packet analysis of IT and OT network communication protocols.
• 8. Relevant cybersecurity certifications such as CISSP, CISM, SANS GIAC GICSP, ISA 62443 etc.
• 9. Should have one of the IT Certifications like CCNA, CCNP or MCSE.
• 10. Experience of firewalls, IDS, Access Control and SIEM/SOAR technologies.
• 12. Experience in designing and conducting Cyber Security Awareness Sessions.
• 13. Hands on experience with ICS threats and vulnerabilities assessments and remediation.
• 14. Experience in implementation and assessment of cyber security standards.
• 16. Experience with Project Management methodologies, concepts, and tools (PMP designation would be considered an asset)
• 17. Knowledge and experience of working with Cyber Insurance companies and brokers.

NOTE:

• The contract period will be one (1) year and may be extended by mutual agreement.
• The CS Consultant should be reporting to office as per SA general shift (07:30 to 04:30) PM) Sun to Thu.
• The CS Consultant should be willing to support after working hours as per business needs.

Job Types: Full-time, Temporary
Contract length: 12 months Salary: AED15,000.00 - AED19,000.00 per month Application Question(s):

• Do you have any relevant cybersecurity certifications such as CISSP, CISM, SANS GIAC GICSP, ISA 62443 etc.?
• Do you have experience of firewalls, IDS, Access Control and SIEM/SOAR technologies?
• Do you have working knowledge and understanding of ICS/OT systems including SCADA, PLCs, RTU, DCS, MES, and Control system architectures?
• Do you have 10 years of experience in Cyber Security inclusive of IT/OT Cyber Security Governance and Technical?
• Are you ready to relocate to Oman?
• Do you have experience with Project Management methodologies, concepts, and tools (PMP designation would be considered an asset)?
• What's your visa status? and can you join immediately?
• Whats is your current and expected salary? Write in Figure

Experience:

• IT & OT Cybersecurity Consultant: 10 years (Preferred)