ICS Cybersecurity Specialist

Be among the first applicants.
Qatar Chemical Company
Umm Al Quwain
AED 120,000 - 180,000
Be among the first applicants.
7 days ago
Job description

3. JOB PURPOSE / OBJECTIVE

Hands-on responsibility for Industrial Control Systems (ICS) Cyber Security inclusive of protection, detection, response, and recovery for Windows-based operating systems and network levels 0 through 3.5 as per ISA/IEC 62443. Ensure compliance with company standards for both networked and standalone ICS/OT devices. Develop, enhance, and maintain the company's ICS Cyber Security capabilities through adoption of the ISA/IEC 62443 standards and supporting tools (e.g. vulnerability assessment, IPS, SIEM, etc.).

4. KEY ACCOUNTABILITIES

Routine Duties

  1. Establish a Cybersecurity management system and framework for the company.
  2. Develop and implement necessary Cybersecurity standard/policy/procedure/risk assessment framework.
  3. Plan and facilitate internal/external audits to identify the ICS Cybersecurity gaps and vulnerabilities.
  4. Manage patch deployment for Windows devices in network levels 0 through 3.5 as well as standalone devices.
  5. Identify obsolete Operating Systems (OS) and plan for necessary upgrades through vendor consultation.
  6. Consolidate standalone devices (e.g., laptops used for PLC configuration).
  7. Prepare for the company's internal ICS audit by completing configuration review sheets for all workstations, servers, switches, firewalls, and routers in the OT environment. Correct deficiencies and document deviation/remediation plans.
  8. Prepare for the company's internal ICS audit by participating in and documenting compliance of all workstations, servers, switches, firewalls, and routers in the OT environment with company policies and procedures.
  9. Participate in the design of cyber solutions for the OT environment (e.g. SIEM, IPS, ATP).
  10. Monitor patch deployment, anti-virus, SIEM, IPS, ATP and related systems and respond/investigate alerts.
  11. Perform detailed, post event analysis of cyber events, and direct needed Incident response procedures.
  12. Perform detailed technical analysis of industrial control systems (ICS) and cyber security controls.
  13. Participate in vulnerability assessments and administrative audits on client computer systems and network devices considering the sensitivity of operational technology testing.
  14. Identify cyber security gaps and recommend mitigation strategies to address gaps.
  15. Maintain knowledge of the cyber security capabilities of operating systems, networking devices, control systems, and vendor offerings.
  16. Maintain a broad knowledge of current and emerging state-of-the-art computer/network systems technologies, architectures, and products.
  17. Resolve technical issues considering operating impact and be able to communicate issue resolutions to OT organizations.
  18. Secure operational technology networks.
  19. Design comprehensive technical solutions that meet compliance requirements and implement the appropriate software to mitigate critical security risks (e.g., system and antivirus software, encryption modules, patch management programs, insider threat protection, incident response plans, forensic capabilities, and regulation compliance).
  20. Lead collaboration efforts with other cyber security experts on team to develop well-constructed approaches to ICS risk management, mitigation, and monitoring strategies.
  21. Responsible for securing systems running ICS-related communications protocols (e.g., MODBUS, PROFIBUS, etc.).
  22. Develop simulated ICS environments within a virtual infrastructure.
  23. Participate in MOC / PSSR process.

Policies, Systems, Processes and Procedures

  1. Maintain a working knowledge of applicable cyber security standards including those relating to process networks.
  2. Provide input to the planning, design, development and implementation of technical controls, procedures and policy associated with compliance to regulatory requirements, cyber security guidance, and standards.
  3. Contribute to the identification of opportunities for the continuous improvement of systems, processes and practices in order to increase productivity and operational efficiency.
  4. Implement all relevant Section's policies, processes, procedures and instructions so that work is carried out in a controlled and consistent manner.

Quality, Health, Security, Safety and Environment

  1. Ensure compliance with Life Critical Procedures, Tenets of Operations, Consent to Operate, plant policies and procedures, Daily Operating Instructions, Standard Operating Procedures (SOPs), Job Safety Analyses (JSAs), MOC Process, and Quality Management System.
  2. Participate in the safety activities of the shift to ensure regulatory, health, safety, security, environmental, and quality compliance.
  3. Carry out plant walk-downs and audits to ensure work is being performed safely and that the plant safety systems are enabled.
  4. Coordinate efforts to correct discrepancies.
  5. Actively participate in shift toolbox meetings, JSAs, MSCM's, etc.
  6. Execute Stop Work Authority and take immediate corrective actions to stop unsafe behaviors.

Reporting

  1. Communicate ideas, present, and explain technical knowledge to stakeholders.
  2. Provide training to organizational employees regarding protective ICS cyber security measures and the understanding of social engineering risks and tactics.
  3. Prepare timely and accurate recaps and reports in order to meet departmental requirements, policies and standards.
  4. Communicate to Supervisor to inform on issues that require additional follow up.
  5. Report incidents and near misses and participate in investigations as required.

Qatarization

  1. Contribute to the development of Qatari employees. This accountability is applicable to expatriate employees only.

5. QUALIFICATIONS & EXPERIENCE

Education

Required (Qualification1 / Discipline): Bachelor's degree in Electrical Engineering, Electronic Engineering, Process Control Engineering, Instrumentation Engineering, Engineering Technology, Physical Engineering, Automation Engineering, Mechatronics Engineering, Cyber and Networking Security, Computer Engineering or Science majoring in Information Technology.

Preferred (Qualification1 / Discipline): Master's Degree Electrical Engineering, Electronic Engineering, Process Control Engineering, Instrumentation Engineering, Engineering Technology, Physical Engineering, Automation Engineering, Mechatronics Engineering, Cyber and Networking Security, Computer Engineering or Science majoring in Information Technology.

Experience

Required (Years2 / Job Level3 / Industry): 5+ years experience in control systems engineering, DCS/PLC/SIS support, instrumentation maintenance, or related operational role Oil & Gas or chemical manufacturing environment. 3+ years experience in ICS/OP Cyber Security.

Preferred (Years2 / Job Level3 / Industry): 7+ years experience in control systems engineering, DCS/PLC/SIS support, instrumentation maintenance, or related operational role in Oil & Gas or chemical manufacturing environment. 5+ years experience in ICS/OP Cyber Security.

Other Job Specific Requirements and/or Vocational Accreditations

  1. Highly experienced with the Windows OS, Active Directory (AD), GPO, security, and related items.
  2. One or more of the preferred certifications listed below, equivalent certification, or verifiable hands-on experience.
  3. Working knowledge of ICS cyber security related standards including ISA/IEC 62443.
  4. Working knowledge of system security design, defense-in-depth/breadth, information domains, authentication/authorization, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, and security testing.
  5. Ability to research and engineer new security solutions and write opinion papers, proposals and presentations.
  6. Understands threat landscape of network-connected ICS technology.
  7. Understands fundamentals of technical security risk assessment.
  8. Experience with cyber security vulnerability assessments, penetration tests, and the tools/techniques involved in both.
  9. Experience in the capabilities and/or configuration of cyber security controls, specifically those relating to firewalls, intrusion detection systems, access control, authentication, anti-virus/anti-malware, patching and hotfix, logging.
  10. Experience with corporate policies and procedures and/or technical writing skills.
  11. Experience with network routing, switching, and TCP/IP.
  12. Experience with physical cabling for network communications and control system I/O.

Preferred Skills

  1. ISA 62443 Level 1/2/3 certified.
  2. CISSP Certified Certified Information Systems Security Professional.
  3. GICSP Certification preferred, Global Industrial Cybersecurity Professional.
  4. CCNA/Network + certified.
  5. MCSE Certified preferred Microsoft Certified Systems Engineer.
  6. Experience with at least one of the following DCS systems: Emerson, Honeywell, or Yokogawa.
  7. Experience in the Oil & Gas or chemical manufacturing environments.
  8. Excellent interpersonal and group dynamic skills.
  9. Strong written and verbal communication skills.
  10. Ability to manage and deliver multiple projects concurrently.
  11. Knowledge of ICT Qatar's National ICS Security Standards (not required but definitely a plus).

Note: This is a hands-on position with considerable field work in an industrial, 7x24 chemical manufacturing environment.

Get a free, confidential resume review.
Select file or drag and drop it
TrustpilotStars
Rated “Excellent” based on 14,992 reviews
Avatar
Free online coaching
Improve your chances of getting that interview invitation!
Be the first to explore new ICS Cybersecurity Specialist jobs in Umm Al Quwain
Follow us
JobLeads Youtube ProfileJobLeads Linkedin ProfileJobLeads Instagram ProfileJobLeads Facebook ProfileJobLeads Twitter AccountJobLeads Xing Profile
Company
Services
Free resources
Support

© JobLeads 2007 - 2025 | All rights reserved