Control Systems Compliance Engineer Job in Riyadh, Saudi Arabia at Professional Recruitment
JOB PURPOSE: To design, generate, propose, implement, and follow-through actions related to compliance and protection of industrial control systems (ICS) critical IT infrastructure.Will actively work and coordinate with Operations Technology staff to integrate and implement cybersecurity and operations tools.Additionally, will be responsible for remediating the risks to the digital systems.
Key Accountabilities: Strategy & Plans
- To work with control system SMEs and operational staff to design, implement and support the operational compliance and security of ICS networked systems including but not limited to;
– Operational and Security technologies such as firewall logs, IDS, endpoint security solutions, access control systems, and other related operational and security technologies within the ICS environment.
– Incident response and handling in an ICS environment to include investigating computer and network intrusions; remediation support; performing comprehensive computer surveillance/monitoring, identifying vulnerabilities; developing secure network designs and protection strategies, and audits of information security infrastructure
- Support current and legacy computer technologies in the ICS environment. Operating systems may include Windows 95 through Windows 10 (and beyond) and various Linux operating system
- Working with Contractors, OEMs, and Service Providers, etc related to ICS to ensure that data availability of the plants sensors are channelled to the other digital departments
- Maintains the compliant operational and cybersecurity ICS architecture of the plants as per the local regulatory bodies.
- Maintaining compliance with corporate and national regulations with regards to ICS cybersecurity.
- Participate in ICS security incident response through all phases
- Consult on ICS security matters as needed
- Act as a liaison between operations and corporate IT security teams
- Design, implement and manage innovative solutions for ICS infrastructure environments
- Attend meetings at various locations (in different countries) either in person or remotely on short notice to participate and understand the ICS challenges requiring innovative and cost-effective solutions.
IT Operations & Security of control systems with IT-OT SOP compliance:
- Perform detailed pre-audits to evaluate compliance levels to identify and remediate control gaps.
- Ensure compliance to Organization policies, standards, requirements, and relevant industry compliance frameworks such ISO27001, and other data privacy regulations.
- Establish a framework for certification requirements and continuous verifications. Work with stakeholders to develop automated evidence collection.
- Maintain accurate records of IT-OT SOP compliance as reference and evidence for audit.
- Validate security and compliance activities are completed and provide sign-off for IT-SOP compliance, DR and Audit.
- Drive a review program with the stakeholders for adherence to the established Secure SDLC process.
- Develop and maintain a Knowledge repository for all Plants.
- Perform gap assessments for certifications and identify implementation gaps
- Coordinate and track certification/audit work ISO internal and external audits,
- Drive discussions with external auditors and facilitate walkthrough discussion with stakeholders
- Coordinate with internal and external Auditors to understand audit objectives and drive evidence collection.
- Integrate with Product Development and Engineering teams to monitor the ongoing operations with respect to requirements established for Security and Privacy.
Minimum Qualifications: A Bachelor degree holder in Computer/Electrical/Electronics or Industrial Engineering or related field Minimum Experience: 7+years of experience in managing ICS operational and security aspects with a track record of successful accomplishmentsMinimum of 3 years previous experience working in ICS cybersecurityMinimum of 3 years previous experience developing and/or deploying mitigation techniques for defending networks including ICS patch management (like Windows, Unix, Linux, and other such operating systems.Experience with various DCS/PLC/SCADA systems including managing operations and cybersecurity aspects is preferable
- In-depth understanding of operating systems, network/system architecture, and IT architecture design related to ICS.
- Thorough understanding and extensive experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS) and the role of common system components
- Understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET) and ability to perform packet analysis
- Understanding of threats, vulnerabilities, and exploits in ICS environment and appropriate mitigation techniques
- Understanding of ICS design considerations with emphasis on human safety and the availability/security of operating environment;
- Preparation, review, and maintenance of documents, policies, and standards governing the security operations for ICS equipment and networks.
- Job Location
- Riyadh, Saudi Arabia
- Company Industry
- Electric Power Production & Transmission
- Company Type
- Recruitment Agency
- Job Role
- Information Technology
- Employment Type
- Monthly Salary Range
- Number of Vacancies
- Career Level
- Residence Location
- Riyadh,Saudi Arabia
- Bachelor’s degree / higher diploma
Company: Professional Recruitment
Company Location: Riyadh, Saudi Arabia
Job Category: Electric Power Production & Transmission