Skip to content

OT Senior Security Engineer

  • On-site
    • Abu Dhabi , Abu Dhabi, United Arab Emirates
  • MSS - Resident Resources

Job description

Help AG is looking for a highly skilled OT Senior Security Engineer who will be responsible for the support, administration, and ongoing maintenance of cybersecurity systems and controls within the Operational Technology (OT) environment. This includes securing OT and OT-IT integration infrastructure in accordance with cybersecurity policies, standards, and guidelines.

This role ensures the availability, integrity, and security of OT/ICS systems across the critical infrastructure, with a key focus across three core areas:

·        Operate and Maintain (OM)

·        Protect and Defend (PR)

·        Securely Provision (SP)

Job requirements

Responsibilities

  • Provides the support, administration, and maintenance necessary to ensure effective and efficiency of OT/ICS Cybersecurity systems performance and availability.

  • Perform asset management/inventory of OT cybersecurity resources and it is supported infrastructure resources.

  • Perform system administration on specialized cyber defence tools and supported infrastructure for OT/ICS environment (e.g., antivirus, application whitelisting, firewalls, IPS/IDS, Data Diodes, secure file

  • transfer, passive security monitoring) to include installation, configuration, maintenance, backup, and restoration as per operational procedures.

  • Administer accounts, network rights, and access to OT/ICS Cybersecurity systems and equipment.

  • Adhere to company OT cybersecurity metrics and OT Cybersecurity KPIs.

  • Maintain security baseline configuration for OT/ICS Cybersecurity Systems and supported infrastructure according to organizational policies and operational standards.

  • Assist and support OT/ICS systems custodians to apply the applicable security baseline configuration on OT/ICS systems.

  • Identifies, analyses, and mitigates cybersecurity threats to Operation Technology (OT) systems and/or networks.

  • Uses defensive measures and information collected from defence tools (e.g., IDS alerts, SIEM alerts, firewalls, network traffic logs) to identify, analyze, and report events that occur or might occur within the network and participate in preparing a standard remedial plan of actions to protect OT systems, and networks from threats.

  • Implement system security measures to resolve vulnerabilities, mitigate risks and recommend security changes in accordance with established procedures and standards to ensure production continuity, resilience, and safety of OT/ICS Systems.

  • Examine network topologies to understand data flows through OT/ICS network and interfaces between OT/ICS networks and systems.

  • Work with stakeholders to resolve computer security incidents and vulnerability compliance within

  • OT/ICS networks.

  • Coordinate with OT systems custodians to assure collecting of information security data sources from OT systems and networks for Cybersecurity monitoring.

  • Monitor external data sources (e.g., cyber defence vendor sites, Computer Emergency Response Teams, Security Focus. Etc) to maintain currency of OT/ICS cyber defence threat condition and determine which security issues may have an impact on the OT/ICS systems.

  • Apply signatures/IOCs on cyber defence network tools in response to new or observed threats from advisories within the applicable OT/ICS network environment or enclave.

  • Support OT/ICS projects life cycle from Cybersecurity perspective by defining OT Cybersecurity requirements - part of Design General Specification (DGS), Front End Engineering Design (FEED), Functional Design Specification (FDS), Detailed Design Specification (DDS) during EPC phase, Cyber Security Factory Acceptance Test (FAT), Cyber Security Site Acceptance Test (SAT), Site Integration Test (SIT), etc..

  • Ensures that the stakeholder security requirements necessary to protect the organization’s mission and operation processes in OT/ICS are adequately addressed in all aspects of architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and operational processes.

  • Participate in design system security controls and measures in accordance with established procedures and standards to ensure Safety, integrity, availability, confidentiality, authentication, non-repudiation of OT/ICS Systems along with internal and external stakeholders.

  • Technical lead for implementation and assessment of OT cybersecurity solutions to meet organizational requirement.

Qualifications & Skills

 

  • Bachelor’s degree in Computer Science (IT), Computer engineering, Electronics Engineering, Automation Engineering, or a related technical field.

  • 5-7 years of experience in IT Security systems with minimum 3 years in administrating and engineering Systems Security in OT/ICS environment with in-depth technical and business knowledge, spanning a range of system security hardware, software products and solutions.

  • Or equivalent experience in OT process automation systems with minimum 3 years in operating, maintaining, or engineering in Industrial environment within Oil & Gas sector and 3 years in administrating and engineering Systems Security in OT/ICS environment with in-depth technical and business knowledge, spanning a range of system security hardware, software products and solutions.

  • Exposure to industrial operations and production technologies covering Industrial Control Systems, SCADA/DCS systems (Yokogawa) and related cyber security technologies in the energy sector.

  • Understand and troubleshoot fault areas in industrial automation and communication systems.

  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

  • Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

  • Knowledge of computer networking concepts and protocols, and network security methodologies.

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth, demilitarized zones, network segmentation).

  • Knowledge of the rage of existing OT systems (e.g., DCS, SCADA, PLC, Instruments) HW.

  • Knowledge of Industrial network topologies, network redundancy protocols and industrial wireless technologies (e.g., FTE, ISA100 & Wireless HART)

  • Knowledge of industrial application protocols and measures to secure them (e.g., OPC, Modbus, PROFINet, Vnet/IP, Ethernet/IP, DNP3 and fieldbus protocols)

  • Knowledge of system administration, network, operating system and virtualization hardening techniques.

  • Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., IEC62443, CIS CSC, NIST SP 800-53).

  • Skill in configuring and utilizing network protection components (e.g., Firewalls, network intrusion detection systems, Data Diodes).

  • Skill in configuring and utilizing software-based computer protection tools (e.g., host firewalls, antivirus, application whitelisting).

  • Skill in conducting maintenance for OT/ICS Cybersecurity system and supported infrastructure.

  • Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.

  • Mandatory vendor-neutral professional certification:

    o   Global Industrial Cyber Security Professional (GICSP)

    o   ISA/IEC 62443 Cybersecurity Fundamentals Specialist

  • Yokogawa and/or ABB DCS, Industrial Control Systems and Network experience and knowledge is preferred.

  • Detailed-oriented and persistent personality

  • Strong Communication, interpersonal and self-management skills.

  • Ability to work independently and a self-motivated attitude

  • Critical thinking and problem-solving skills

  • Ability to work effectively in a team and with other groups

 

Benefits:


  • Health insurance with one of the leading global providers for medical insurance.

  • Career progression and growth through challenging projects and work.

  • Employee engagement and wellness campaigns activities throughout the year.

  • Excellent learning and development opportunities.

  • Annual flight tickets to home country.

  • Inclusive and diverse working environment.

  • Flexible/Hybrid working environment.

  • Open door policy.

About Us:


Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

or