OT/ICS Cybersecurity Governance, Risk & Compliance (GRC) engineer
Qualification & Experience
???? Education: Bachelor’s in Computer Science, Information Security, or Electrical/Electronics Engineering (Master’s preferred) with cybersecurity concentration .
???? Experience: 7+ years in OT/ICS environments with at least 3 years in cyber risk management or compliance.
???? Certifications: CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, IEC 62443 Cybersecurity Professional.
Major Duties
Ensure compliance with Qatar’s Cybersecurity Framework (QCF) in OT/ICS environments by driving governance, risk management, internal audits, and regulatory alignment (Q-CERT, PDPL, IEC 62443).
???? Lead cyber risk assessments for OT/ICS systems (aligned with framework’s Risk Management Service).
???? Conduct Business Impact Analysis (BIA) and map critical assets to framework capabilities.
???? Perform internal and external audits on cybersecurity controls, report results to sector/national contacts (SCDL reporting office).
???? Develop and deliver cybersecurity training & awareness programs for OT engineers/technicians.
???? Ensure compliance with national and international standards (ISO 27001, IEC 62443, Qatar cybersecurity framework).
???? Maintain records of incidents, vulnerabilities, and compliance reporting as required.
???? Focal point for internal and external audits on cybersecurity controls and close all findings.
Skills
OT/ICS Cybersecurity Architecture & Design engineer
Qualification & Experience
???? Education: Bachelor’s in Computer Engineering, Computer science, Network Engineering, or Cybersecurity (Master’s in Security Architecture preferred).
???? Experience: 7+ years in OT/ICS/telecom network architecture, with minimum 3 years in cybersecurity design and architecture.
???? Certifications: ISA/IEC 62443 Cybersecurity Expert, GICSP, CISSP-ISSAP, TOGAF (with security specialization), CCNP Security.
Major Duties
Ensure secure design and architecture of OT/ICS, telecom, and SCADA systems through proactive architecture reviews, secure configurations, and alignment with the Qatar Cybersecurity Framework, IEC62443 controls.
???? Perform architecture reviews of OT/ICS networks, SCADA, telecom systems against framework capabilities.
???? Define and enforce segmentation & zoning (Purdue model, defense-in-depth).
???? Implement data protection & privacy requirements (encryption at rest/in motion, PDPL).
???? Review and recommend secure protocols and hardening controls (Endpoint, Network, Application Security).
???? Support secure adoption of emerging technologies in OT environments.
???? Map implemented security controls to national & international standards (ISO, NIST, IEC).
OT/ICS Cybersecurity Operations Continuity engineer
Qualification & Experience
???? Education: Bachelor’s in Information Technology, Industrial Control Systems Engineering, or Cybersecurity (Master’s in Business Continuity or Security preferred).
???? Experience: 7+ years in OT/ICS environments with minimum 5 years in incident response, disaster recovery, or continuity planning.
???? Certifications: CBCP, ISO 22301 Lead Implementer, GICSP, CISSP, SANS ICS515 or GCIH (incident handling).
Major Duties
Oversee resilience, recovery, and continuity of OT/ICS systems by developing strategies, conducting incident handling, and ensuring compliance with the Qatar Cybersecurity Framework’s Recovery & Continuity capability and vulnerability management.
???? Lead development of Business Continuity Plans (BCP) and Disaster Recovery (DR) for OT/ICS.
???? Conduct incident handling & response exercises, including OT digital forensics.
???? Test response and recovery plans regularly (simulation, tabletop exercises).
???? Ensure redundancy and resilience measures for SCADA, telecom, and critical OT systems.
???? Report continuity status and incidents to sector/national bodies.
???? Integrate risk assessment & BIA outputs into recovery planning.
???? Collaborate with SOC/OT monitoring teams to ensure continuity triggers are aligned with incident detection.
???? Develop and address vulnerability management in OT/ICS