Overview
Help AG is looking for a talented and experienced Resident Consultant (OT Cybersecurity Engineer) who will be responsible for providing technical support, administration, and maintenance necessary for OT Cybersecurity Services for the Company's Operational Technology (OT) and OT-IT integration. This role will play a key part in operating and maintaining cybersecurity infrastructure and OT Cybersecurity controls based on the approved OT Cybersecurity Policies, Standards, processes, procedures, and guidelines. The objective is to ensure the availability, integrity, and secure operations of the company's Operational Technology/Industrial Automation & Control Systems and mission critical systems from emerging cybersecurity threats by focusing on three job-specific accountabilities:
- Operate and Maintain [OM]
- Protect and Defend [PR]
- Securely Provision [SP]
Responsibilities
- Provide the support, administration, and maintenance necessary to ensure effective and efficient performance and availability of OT/ICS Cybersecurity systems.
- Perform asset management/inventory of OT cybersecurity resources and associated infrastructure resources.
- Perform system administration on specialized cyber defence tools and supported infrastructure for OT/ICS environments (e.g., antivirus, application whitelisting, firewalls, IPS/IDS, Data Diodes, secure file transfer, passive security monitoring), including installation, configuration, maintenance, backup, and restoration as per operational procedures.
- Administer accounts, network rights, and access to OT/ICS Cybersecurity systems and equipment.
- Adhere to company OT cybersecurity metrics and OT Cybersecurity KPIs.
- Maintain security baseline configurations for OT/ICS Cybersecurity Systems and supported infrastructure according to organizational policies and operational standards.
- Assist and support OT/ICS systems custodians to apply the applicable security baseline configuration on OT/ICS systems.
- Patch OT/ICS Cybersecurity systems and infrastructure vulnerabilities and update security contents to ensure reliability and safeguarding against known threats.
- Continuously monitor OT/ICS Cybersecurity systems and supported infrastructure availability, functionality, integrity, efficiency, capacity, and performance.
- Conduct periodic system maintenance including health checks, configuration review, access and permission review, functionality, and effectiveness testing on OT/ICS Cybersecurity systems and supported infrastructure as per the defined standard.
- Troubleshoot, diagnose, and resolve reported OT/ICS Cybersecurity services incidents, problems, and events as per the SLA.
- Diagnose network connectivity problems within OT/ICS environments in collaboration with stakeholders.
- Maintain documentation for all OT/ICS Cybersecurity systems security implementation, standard operating procedures, and maintenance activities, and update as necessary.
- Coordinate all actions with OT systems custodians to ensure the sustenance of OT Cybersecurity solutions.
- Plan and recommend modifications based on exercise results or system environment.
- Identify, analyze, and mitigate cybersecurity threats to OT systems and/or networks.
- Use defensive measures and information from defence tools (e.g., IDS alerts, SIEM alerts, firewalls, network traffic logs) to identify, analyze, and report events that occur or might occur, and participate in preparing standard remedial plans of action to protect OT systems and networks from threats.
- Implement system security measures to resolve vulnerabilities, mitigate risks, and recommend security changes in accordance with established procedures and standards to ensure production continuity, resilience, and safety of OT/ICS Systems.
- Examine network topologies to understand data flows through OT/ICS networks and interfaces between OT/ICS networks and systems.
- Work with stakeholders to resolve computer security incidents and vulnerability compliance within OT/ICS networks.
- Coordinate with OT systems custodians to ensure collection of information security data sources from OT systems and networks for Cybersecurity monitoring.
- Monitor external data sources (e.g., cyber defence vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of OT/ICS cyber defence threat condition and determine which security issues may impact the OT/ICS systems.
- Apply signatures/IOCs on cyber defence network tools in response to new or observed threats from advisories within the applicable OT/ICS network environment or enclave.
- Conceptualize, design, and procure OT systems and networks, with responsibility for cybersecurity aspects.
- Support OT/ICS project life cycle from a Cybersecurity perspective by defining OT Cybersecurity requirements as part of Design General Specification (DGS), Front End Engineering Design (FEED), Functional Design Specification (FDS), Detailed Design Specification (DDS) during EPC phases, Cyber Security Factory Acceptance Test (FAT), Cyber Security Site Acceptance Test (SAT), Site Integration Test (SIT), etc.
- Ensure stakeholder security requirements to protect the organization's mission and operation processes in OT/ICS are adequately addressed in all aspects of architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and operational processes.
- Participate in designing system security controls and measures to ensure safety, integrity, availability, confidentiality, authentication, and non-repudiation of OT/ICS Systems with internal and external stakeholders.
- Act as Technical Lead for implementation and assessment of OT cybersecurity solutions to meet organizational requirements.
- Participate in review of OT/ICS cybersecurity technical specifications and technologies selection to ensure compatibility and integrity with the cybersecurity ecosystem and roadmap.
- Collaborate with HSE, Enterprise Risk, Emergency Response Center, Site Control Operation Rooms, and other business and function units as a technical advisor on OT/ICS cybersecurity matters.
- Participate in studies and research on the evaluation of emerging technologies, product offerings, third-party services, etc.
- Participate in the creation and updates of OT Cybersecurity documentation (policies, standards, baselines, guidelines, procedures, etc.).
- Support cybersecurity risk assessments, gap assessments, and audit activities within the OT/ICS environment.
- Facilitate OT Security Incident response with the relevant Cybersecurity incident response team.
- Mentor and guide new and emerging OT Cybersecurity engineers within the team.
- Plan, supervise, and coordinate all activities in the assigned area to meet functional objectives.
- Train and develop assigned staff on relevant skills to enable them to become proficient on the job and deliver the respective business objectives.
- Provide input for preparation of budgets at the Function / Division / Department / Section level, assist in the implementation of the approved Budget, and work plans to deliver business objectives.
- Investigate and highlight any significant variances to support effective performance and cost control.
- Implement approved OT Cybersecurity policies, processes, systems, standards and procedures to support execution of the work programs in line with Company and International standards.
- Comply with all applicable legislation and legal regulations.
- Contribute to the achievement of the approved Performance Objectives for the Function / Division / Department / Section in line with the Company Performance framework.
- Design and implement new tools and techniques to improve the quality and efficiency of operational processes.
- Identify improvements in internal processes against best practices to increase efficiency and align with industry standards to define intelligent solutions for issues confronting the function.
- Comply with relevant HSE policies, procedures & controls and applicable legislation and sustainability guidelines in line with international standards and best practices.
- Report daily to the indirect line manager at the site.
- Weekly timesheet and Service Provider Management System updates.
- Preventive maintenance activities and reports for OT Cybersecurity Services, SAP as per the schedule in Monthly and Quarterly cycles.
- Set annual objectives and goals with direct and indirect line managers with monthly and quarterly progress reports.
Qualifications & Skills
- Bachelor's degree in Computer Science (IT), Computer Engineering, Electronics Engineering, Automation Engineering, or related technical field.
- 5-7 years of experience in IT Security systems with minimum 3 years in administering and engineering Systems Security in OT/ICS environments with in-depth technical and business knowledge across hardware, software, and solutions.
- Or equivalent experience in OT process automation systems with minimum 3 years in operating, maintaining, or engineering in industrial environments within Oil & Gas, plus 3 years in administering and engineering Systems Security in OT/ICS.
- Exposure to industrial operations and production technologies covering ICS, SCADA/DCS (Yokogawa) and related cybersecurity technologies in the energy sector.
- Understand and troubleshoot fault areas in industrial automation and communication systems.
- Knowledge of risk management processes and ITIL/ITSM concepts.
- Knowledge of computer networking concepts and security methodologies (defense-in-depth, network segmentation).
- Knowledge of OT systems (DCS, SCADA, PLC, instruments) hardware, industrial network topologies, and industrial wireless technologies.
- Knowledge of industrial application protocols (OPC, Modbus, PROFINET, Vnet/IP, EtherNet/IP, DNP3, etc.).
- Knowledge of system administration, network, OS, and virtualization hardening.
- Knowledge of cybersecurity attack classes targeting OT/ICS environments.
- Skills in assessing security controls (IEC 62443, CIS CSC, NIST SP 800-53).
- Skills in configuring and utilizing network protection components (Firewalls, IDS/IPS, Data Diodes) and software-based protection tools (host firewalls, antivirus, application whitelisting).
- Experience in OT/ICS cybersecurity maintenance and performance/troubleshooting.
- Ability to install, configure, update, upgrade, and troubleshoot cybersecurity technologies (e.g., Data Diodes, Firewalls, EDR, patching with WSUS).
- OT certifications from Honeywell/Siemens DCS/SCADA experience preferred.
Benefits
- Health insurance with leading global providers.
- Career progression and growth through challenging projects and work.
- Employee engagement and wellness campaigns throughout the year.
- Excellent learning and development opportunities.
- Inclusive and diverse working environment.
- Flexible/Hybrid working environment.
- Annual flight tickets to home country.
- Open door policy.
About Us
Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions that address their diverse requirements, enabling them to evolve securely with a competitive edge. Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region. Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cybersecurity focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.