The Role:
1. Conducting Vulnerability Assessment at site for,
a. Workstations, Servers, Switches, Firewalls & Networking Components.
b. Control System (PLC, HMI, DCS, OEM Controllers, Safety Systems) & Electrical Relays.
2. ICS assets (as listed in point 1) verification at site and updating in access data base.
3. Verification & red-markup update of existing Architecture wrt actual installations in coordination with customer & sharing with remote team.
4. Preparation (hand sketch) of missing architectures in coordination with customer and sharing with remote team.
5. Verification of Panel space & power availability to install and power the gap mitigation items proposed by remote team.
6. Support to Following tasks performed by Remote team / vendors.
a. Conducting Risk Assessment (High Level and Detailed) in coordination with EXIDA team.
b. Implementing IP Management Solution in coordination with QCS team.
c. Implementation Password Management Solution in coordination with QCS team.
d. Implementing USB / Removable Access Media Solution in coordination with QCS team.
e. Review & Develop ICS networks zone and conduit modelling, corporate reference models, Purdue reference.
f. Review and develop ICS user account administration, access, authorization philosophies.
g. Developing Cyber Security Management System (CSMS).
h. Review the Gap assessment
i. Preparing Cyber security solution addressing risk and gaps.
j. Developing cyber security score card.
k. Review and develop Risk assessment procedure.
l. Develop Thereat Modelling
m. Cyber Security Requirements Specification (CRS)
7. Coordination with Customer, Internal Team & Vendors.
8. Preparing Progress reports and presentations; Technical presentations to customer.
9. Executing the activities as per agreed Project schedule. Highlighting the potential delays, concerns and mitigation plan to management. Managing and leading site team.
Essential Skills / Qualifications:
1. Hands-on experience in Vulnerability assessment, Risk assessment, policies and guidelines preparation, architecture preparation, etc.
2. Knowledge in Cyber Security Standards such as ISA/IEC 62443, ISA-99, Q-Cert, FIFA framework, ANSI/ISA 99.02.01-2009, DHS CFATS RBPS-8, NERC CIP, etc.
3. Knowledge in Control System and Electrical assets is added advantage.
4. Cyber Security Certifications is added advantage.
5. Qatari Driving License is added advantage.
6. Strong in communication.
7. Nessus VA software experience is added advantage.
About Fircroft:
Fircroft has been placing people in specialist technical industries for over 50 years, focusing on mid to senior level engineers for contract and permanent roles worldwide. By applying for this job you give consent for Fircroft to contact you, via email & telephone, to discuss your application along with future positions and Fircroft's services.
Fircroft is registered as a Data Controller with the Information Commissioner as required under the General Data Protection Regulation 2016/679. Fircroft will only process your personal data for the specific purposes of managing your application.