- Job Role: Cyber Security Engineer : 10+ years
- Job Role: Cyber Security Senior Technician: 5+ years
Location: Qatar (Onsite)
Duration: Long-term
Purpose Of Job
- Manage cyber security systems and projects with Operations.
- Oversee the design, implementation, and maintenance of cyber security measures to protect critical assets and information.
- Work closely with OMS(R) section for all cybersecurity matters related to projects and routine maintenance activities.
Duties And Responsibilities
Maintenance and routine activities of the cybersecurity solutions deployed at site:
- Corrective Maintenance
- Preventive Maintenance
- Patch Management
- Antivirus Updates
- Applications Whitelisting
- Network Monitoring
- Anomaly Detection
- Online / Offline / Offsite backup
- Firewall rules management (add/modify/review/cleanup)
- Domain users’ management; Domain policy management
- System Hardening
- Local Incident Response in case of Cybersecurity Incident
- Investigate and respond to alerts from SOC.
Design, implement, and maintain cyber security systems, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
Develop and implement security procedures, and standards to ensure compliance with industry regulations and best practices.
Investigate security breaches and incidents, conducting root cause analysis and implementing corrective actions to prevent recurrence.
Collaborate with internal teams and external partners to address security concerns and implement security controls across the organization.
Stay updated on emerging threats and security trends, recommending and implementing security enhancements to safeguard against evolving cyber threats.
Provide security awareness training and guidance to staff members to promote a culture of security awareness and compliance.
Maintain accurate documentation and records of security configurations, incidents, and remediation activities.
Participate in audits and assessments to evaluate the effectiveness of security controls and ensure compliance with regulatory requirements.
Projects
CONTRACTOR shall collaborate and work closely with OMS section. OMS are the OT Cybersecurity SMEs for Operations. The mandate OMS covers, but not limited to:
- Provide advisory and support to QatarEnergy Operations for the deployment of cybersecurity solutions, including cybersecurity scope of work definition, detailed engineering, design review, specifications review and commissioning activities (FAT, IFAT, SAT).
Operations
- First level of assurance: hygiene and hardening checks, configuration review, etc.
- Support Qatar Energy assets for cybersecurity routine maintenance activities.
Common Services
- Build, deploy, and operate the centralized industrial cybersecurity services deployed within Qatar Energy OT Common DMZ infrastructure.
- Designing Secure Networks and Systems
- Develop comprehensive security architectures aligned with organizational goals
- Implement robust security controls and countermeasures, including encryption and access management
- Implementing Security Protocols and Measures
- Configure and deploy security technologies like firewalls, intrusion detection/prevention systems
- Establish multiple layers of defense to mitigate the risk of unauthorized access and data breaches
- Ensure security measures adhere to industry standards and compliance requirements
- Incident Response
- Promptly investigate and respond to security incidents to contain and mitigate damage
- Provide recommendations for preventing future security breaches
- Vulnerability Management
- Develop and implement remediation plans to address identified weaknesses
- Stay updated on the latest security threats and patches to proactively secure systems
- Collaboration and Consultation
- Work closely with OMS team, IT teams, application developers, and business stakeholders
- Communicate security risks, policies, and best practices to non-technical personnel
- Continuous Learning and Improvement
- Engage in ongoing professional development to stay current with evolving cybersecurity trends
- Leverage the latest security tools and technologies to enhance the organization's defenses
- Contribute to the continuous improvement of security processes and controls
Qualifications
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related field.
- Professional certifications such as CISSP, CISM, GICSP, VMWare VCP, Microsoft Identity and Access Administrator Associate certification is a must. Other OT certifications such as IEC-62443 Cybersecurity Maintenance Specialist, GRID and CEH are recommended.
- Proven experience in designing, implementing, and maintaining cyber security solutions.
- In-depth knowledge of cyber security principles, practices, and technologies.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal abilities.
- Ability to work independently and as part of a team.
- Attention to detail and commitment to quality.
Experience
- Minimum of 10 years of experience in cyber security engineering roles.
- Hands-on experience with security tools and technologies, such as SIEM, antivirus software, and encryption solutions.
- Familiarity with regulatory frameworks and standards, such as ISO 27001, NIST, and GDPR.
- Experience working in industrial, or plant environments is an advantage.
- Experience on solutions such as networking, firewalls, Active Directory, NMS, Anomaly detection, application whitelisting etc.
Experience shall be to have exposure to various DCS, Electrical and SCADA systems.
Person shall be able to demonstrate the skills in wide areas of Cybersecurity.
Additional Requirements
- Valid driver's license.
- Willingness to work in challenging and dynamic environments.
- Ability to work flexible hours and respond to security incidents as needed.
Skills: cybersecurity,iso 27001,siem,firewalls,azure active directory,scada,distributed control system (dcs),nist,gdpr,antivirus software,soc