ICS Cybersecurity Specialist

Job Purpose / Objective:

The ICS Cybersecurity Specialist is responsible for the protection detection response and recovery of Industrial Control Systems (ICS) Cybersecurity for Windows-based operating systems and network levels 0 through 3.5 in line with ISA/IEC 62443 standards. The role ensures compliance with company standards for both networked and standalone ICS/OT devices and develops enhances and maintains the ICS Cybersecurity capabilities through the adoption of ISA/IEC 62443 standards and supporting tools (e.g. vulnerability assessment IPS SIEM etc.).

Key Accountabilities:

Routine Duties:

• Establish a comprehensive cybersecurity management system and framework for the organization.
  
• Develop and implement necessary cybersecurity standards policies procedures and risk assessment frameworks.
  
• Plan and facilitate internal and external audits to identify ICS cybersecurity gaps and vulnerabilities.
  
• Manage patch deployment for Windows devices across network levels 0 through 3.5 and standalone devices.
  
• Identify obsolete operating systems (OS) and plan for necessary upgrades through vendor consultations.
  
• Consolidate standalone devices (e.g. laptops used for PLC configuration).
  
• Complete configuration review sheets for workstations servers switches firewalls and routers in the OT environment for internal ICS audits correcting deficiencies and documenting deviation/remediation plans.
  
• Participate in and document compliance of all OT environment devices with organizational policies and procedures.
  
• Contribute to the design and implementation of cybersecurity solutions for the OT environment (e.g. SIEM IPS ATP).
  
• Monitor patch deployment anti-virus SIEM IPS ATP and related systems responding to and investigating alerts.
  
• Perform detailed post-event analysis of cyber incidents and direct necessary incident response actions.
  
• Conduct in-depth technical analysis of industrial control systems (ICS) and cybersecurity controls.
  
• Participate in vulnerability assessments and administrative audits on client computer systems and network devices considering the sensitivity of operational technology testing.
  
• Identify cybersecurity gaps and recommend mitigation strategies.
  
• Keep up-to-date with cybersecurity capabilities of operating systems networking devices control systems and vendor solutions.
  
• Stay informed on current and emerging computer/network system technologies architectures and products.
  
• Resolve technical issues with a focus on operational impact and communicate resolutions to OT organizations.
  
• Secure operational technology networks by designing and implementing appropriate cybersecurity measures.
  
• Develop and deploy simulated ICS environments within virtual infrastructure.
  
• Contribute to MOC / PSSR processes.
  

Policies Systems Processes and Procedures:

• Maintain an understanding of relevant cybersecurity standards including those related to process networks.
  
• Provide input to the planning design development and implementation of technical controls procedures and policies related to cybersecurity compliance.
  
• Identify opportunities for continuous improvement in systems processes and practices to enhance productivity and operational efficiency.
  
• Implement all relevant policies processes and procedures to ensure work is carried out in a controlled and consistent manner.
  

Quality Health Security Safety and Environment:

• Ensure compliance with life-critical procedures operational tenets and safety systems including plant policies and standard operating procedures (SOPs).
  
• Participate in safety activities ensuring regulatory health safety security environmental and quality compliance.
  
• Conduct plant walk-downs and audits to ensure safe work practices and effective plant safety systems.
  
• Participate actively in shift toolbox meetings Job Safety Analyses (JSAs) and related safety meetings.
  
• Enforce Stop Work Authority and immediately address unsafe practices.
  

Reporting:

• Communicate and present technical knowledge to stakeholders effectively.
  
• Provide training to employees on ICS cybersecurity measures and social engineering risks.
  
• Prepare timely and accurate reports to meet departmental requirements.
  
• Keep the supervisor informed of issues requiring additional follow-up.
  
• Report incidents and near misses and participate in investigations as required.
  

Requirements

Qualifications & Experience:

Education:

• Required: Bachelors degree in Electrical Engineering Electronic Engineering Process Control Engineering Instrumentation Engineering Engineering Technology Physical Engineering Automation Engineering Mechatronics Engineering Cyber and Networking Security Computer Engineering or Science majoring in Information Technology.
  
• Preferred: Masters degree in Electrical Engineering Electronic Engineering Process Control Engineering Instrumentation Engineering Engineering Technology Physical Engineering Automation Engineering Mechatronics Engineering Cyber and Networking Security or Computer Engineering.
  

Experience:

• Required: Minimum of 5 years experience in control systems engineering DCS/PLC/SIS support instrumentation maintenance or a related operational role in an Oil & Gas or chemical manufacturing environment. At least 3 years of experience in ICS/OT Cyber Security.
  
• Preferred: Minimum of 7 years experience in control systems engineering DCS/PLC/SIS support instrumentation maintenance or a related operational role in Oil & Gas or chemical manufacturing environments. At least 5 years of experience in ICS/OT Cyber Security.
  

Other Job Specific Requirements:

• Strong experience with Windows OS Active Directory (AD) GPO security and related tools.
  
• Knowledge of ICS cybersecurity standards including ISA/IEC 62443.
  
• Familiarity with system security design defense-in-depth/breadth authentication risk management incident handling configuration control change management and auditing.
  
• Experience with cybersecurity vulnerability assessments penetration testing and associated tools and techniques.
  
• Skilled in configuring cybersecurity controls including firewalls intrusion detection systems access control anti-virus software patching and logging.
  
• Strong technical writing skills and experience with policies procedures and documentation.
  
• Proficiency in network routing switching TCP/IP and physical cabling for network communications and control system I/O.
  

Preferred Certifications:

• ISA 62443 Level 1/2/3 Certified.
  
• CISSP (Certified Information Systems Security Professional).
  
• GICSP (Global Industrial Cybersecurity Professional) Certification.
  
• CCNA/Network Certification.
  
• MCSE (Microsoft Certified Systems Engineer) Certification.
  
• Experience with DCS systems such as Emerson Honeywell or Yokogawa.
  

Languages:

• Required: Proficient in English.
  
• Preferred: Working knowledge of Arabic.