CYBER SECURITY ENGINEER - QATAR - ONSITE

Job Role: Cyber Security Engineer

Experience: 10+ years

Location: Qatar (Onsite)

Duration: Longterm

Purpose Of Job

  • Manage cyber security systems and projects within Dukhan and Mesaieed Operations.
  • Oversee the design, implementation, and maintenance of cyber security measures to protect critical assets and information.
  • Work closely with OMS(R) section for all cybersecurity matters related to projects and routine maintenance activities.

Duties And Responsibilities

Maintenance and routine activities of the cybersecurity solutions deployed at site

  • Corrective Maintenance
  • Preventive Maintenance
  • Patch Management
  • Antivirus Updates
  • Applications Whitelisting
  • Network Monitoring
  • Anomaly Detection
  • Online / Offline / Offsite backup
  • Firewall rules management (add/modify/review/cleanup)
  • Domain users’ management; Domain policy management
  • System Hardening
  • Local Incident Response in case of Cybersecurity Incident
  • Investigate and respond to alerts from SOC.

Design, implement, and maintain cyber security systems, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.

Develop and implement security procedures, and standards to ensure compliance with industry regulations and best practices.

Investigate security breaches and incidents, conducting root cause analysis and implementing corrective actions to prevent recurrence.

Collaborate with internal teams and external partners to address security concerns and implement security controls across the organization.

Stay updated on emerging threats and security trends, recommending and implementing security enhancements to safeguard against evolving cyber threats.

Provide security awareness training and guidance to staff members to promote a culture of security awareness and compliance.

Maintain accurate documentation and records of security configurations, incidents, and remediation activities.

Participate in audits and assessments to evaluate the effectiveness of security controls and ensure compliance with regulatory requirements.

Projects

CONTRACTOR shall collaborate and work closely with OMS section. OMS are the OT Cybersecurity SMEs for Operations. The mandate OMS covers, but not limited to:

  • Provide advisory and support to QatarEnergy Operations for the deployment of cybersecurity solutions, including cybersecurity scope of work definition, detailed engineering, design review, specifications review and commissioning activities (FAT, IFAT, SAT).

Operations

  • First level of assurance: hygiene and hardening checks, configuration review, etc. o
  • Support QatarEnergy assets for cybersecurity routine maintenance activities.

Common Services

  • Build, deploy, and operate the centralized industrial cybersecurity services deployed within QatarEnergy OT Common DMZ infrastructure.
  • Designing Secure Networks and Systems
  • Develop comprehensive security architectures aligned with organizational goals
  • Implement robust security controls and countermeasures, including encryption and access management
  • Implementing Security Protocols and Measures
  • Configure and deploy security technologies like firewalls, intrusion detection/prevention systems
  • Establish multiple layers of defense to mitigate the risk of unauthorized access and data breaches
  • Ensure security measures adhere to industry standards and compliance requirements
  • Incident Response
  • Promptly investigate and respond to security incidents to contain and mitigate damage
  • Provide recommendations for preventing future security breaches
  • Vulnerability Management
  • Develop and implement remediation plans to address identified weaknesses
  • Stay updated on the latest security threats and patches to proactively secure systems
  • Collaboration and Consultation
  • Work closely with OMS team, IT teams, application developers, and business stakeholders
  • Communicate security risks, policies, and best practices to non-technical personnel
  • Continuous Learning and Improvement
  • Engage in ongoing professional development to stay current with evolving cybersecurity trends
  • Leverage the latest security tools and technologies to enhance the organization's defenses
  • Contribute to the continuous improvement of security processes and controls

Qualifications

Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or related field.
  • Professional certifications such as CISSP, CISM, GICSP, VMWare VCP, Microsoft Identity and Access Administrator Associate certification is a must. Other OT certifications such as IEC-62443 Cybersecurity Maintenance Specialist, GRID and CEH are recommended.
  • Proven experience in designing, implementing, and maintaining cyber security solutions.
  • In-depth knowledge of cyber security principles, practices, and technologies.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal abilities.
  • Ability to work independently and as part of a team.
  • Attention to detail and commitment to quality.

Experience

  • Minimum of 10 years of experience in cyber security engineering roles.
  • Hands-on experience with security tools and technologies, such as SIEM, antivirus software, and encryption solutions.
  • Familiarity with regulatory frameworks and standards, such as ISO 27001, NIST, and GDPR.
  • Experience working in industrial, or plant environments is an advantage.
  • Experience on solutions such as networking, firewalls, Active Directory, NMS, Anomaly detection, application whitelisting etc.

Experience shall be to have exposure to various DCS, Electrical and SCADA systems.

Person shall be able to demonstrate the skills in wide areas of Cybersecurity.

Additional Requirements

  • Valid driver's license.
  • Willingness to work in challenging and dynamic environments.
  • Ability to work flexible hours and respond to security incidents as needed.

Skills: security standards,nms,root cause analysis,project management,attention to detail,security awareness training,grid,security controls implementation,cybersecurity,compliance,security protocols,regulatory frameworks,security breaches investigation,audit and assessments,nist,firewalls,security documentation,cyber security measures,siem,cism,active directory,gdpr,ot cybersecurity,vulnerability management,interpersonal abilities,networking,endpoint protection solutions,electrical and scada systems,iso 27001,intrusion detection/prevention systems,secure networks and systems,industrial environment experience,incident response,ceh,oms(r),security procedures,vmware vcp,microsoft identity and access administrator associate certification,cyber security systems,gicsp,analytical skills,security tools,problem-solving skills,anomaly detection,independent work,operations,communication skills,quality commitment,cyber security,encryption solutions,maintenance,dcs,iec-62443 cybersecurity maintenance specialist,cissp,continuous learning,cybersecurity solutions,cyber security principles,antivirus software,teamwork
Post date: Today
Publisher: LinkedIn
Post date: Today
Publisher: LinkedIn