Senior ICS Cyber Security Engineer – Qatar

The Cyber Security Engineer responsible for executing the ICS Security Enhancement project and will be the lead engineer providing technical and strategic, day-to-day management and coordination of this project with the EPC Contractor executing the job. He will be responsible for research, engineering and navigating technical problems in consultation with the EPC Contractor throughout the 3 year duration of the project. He is key to the successful delivery of this project. Accountabilities :This individual will have specific responsibilities and accountability for designing, testing and installing the above mentioned security tools, managing the risks associated with live integration of 150 systems (which includes, but not limited to critical systems such as DCS, Turbine Control Systems, Safety Systems, Electrical systems, etc.) currently installed in over 100 ITR’s and Sub stations. He will also have responsibilities for installation, configuration and testing of over 100 Firewalls to create the appropriate network segregations between assets and the systems within each asset, as well as bringing up the central security infrastructure.
The qualifications, knowledge, experience, skills and personal attributes required for the job. Such as specific software experience, equipment use or exposure to certain industrial sector. 1. 5+ years working experience in the ICS environment as I & C Engineer. 2. Advanced knowledge of ICS Environment and architecture• PERA levels – Purdue Engineering Reference Architecture• ICS equipment (HMI’s, RTU’s, PLC’s, Controllers, etc.) and the different ICS applications installed within• ICS networks, communication protocols3. Knowledge in Emerson DeltaV and Foxboro IA DCS systems preferred. 4. Knowledge in GE Turbine Control Systems preferred 5. Knowledge in Triconex Safety Systems preferred 6. GICSP Certification preferred, but not required – Global Industrial Cybersecurity Professional7. Advanced knowledge of security concepts• Defense in Depth• Boundary Defense• Risk Assessment• Gap Assessment• Access Control• Awareness and Training• Security standards in the ICS Environment – IEC62443, SP 800-82.• In-depth knowledge of ICT Qatar’s National ICS Security Standards (not required but definitely a plus)• Business Continuity/Disaster Recovery.8. Advanced knowledge of Networking – LAN’s, WAN’s, Network topologies, IP concepts, vulnerability scanning and remediation, firewalls and perimeters, VPN’s, PKI, Digital certificates, host based intrusion, intrusion prevention, etc. 9. CCIE Certified – Cisco Certified Internetwork Expert.10. CISSP Certified – Certified Information Systems Security Professional.11. 5+ years working experience in a Security Operations Center• Cyber security incident response• Malware analysis• Forensic analysis• Threat intelligence analysis• Risk analytics and attack path modeling• Countermeasure implementation• Vulnerability assessment• Vulnerability analysis• Penetration testing• Remediation prioritization and coordination• Security intelligence collection and fusion• Security architecture design• Security awareness training• Security audit data collection and distribution12. 5+ years working experience in the following security concepts:• Advanced IP packet analysis• Performing deep packet inspection• Identification of normal versus abnormal traffic• Use of intrusion detection tools• Methods and and use of penetration testing tools and techniques.13. Advanced knowledge of Windows Operating Systems• Windows infrastructure/architecture• Active Directory• Domain Users and Groups• Forests and trust• Security Policies14. MCSE Certified preferred – Microsoft Certified Solutions Expert.15. Knowledge on usage of the following tools (preferred but not required):• Industrial Defender ASM• Wireshark• Metasploit• Snort• Etc.

Leave a Comment

Your email address will not be published. Required fields are marked *