Enable job alerts via email!
Cyber Security
ACWA Power
Saudi Arabia
On-site
SAR 262,000 - 375,000
Full time
Today
Be an early applicant
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
An energy sector leader in Saudi Arabia is seeking a cybersecurity professional to manage security operations, regulatory compliance, and vulnerability assessments. The ideal candidate will ensure the effective utilization of security tools and manage comprehensive programs for threat detection and remediation efforts. Responsibilities include coordinating with IT teams, handling incidents, and contributing to cybersecurity awareness culture.
Responsibilities
- Ensure effective utilization of security tools for monitoring and threat detection.
- Manage vulnerability management programs, including scanning and assessment.
- Implement security baselines for all systems, applications, and network devices.
- Coordinate with IT and OT teams for secure configurations and patch management.
- Handle cybersecurity incidents and follow up on closure.
- Evaluate vulnerabilities and apply security update packages in the CE Cluster.
Job description
Responsibilities
- Ensure the effective utilization of security tools (SIEM, EDR, IDS/IPS, Vulnerability Scanners, etc.) for continuous monitoring and threat detection.
- Manage comprehensive vulnerability management programs, including regular scanning, assessment, and coordination of remediation efforts for existing operations and new projects.
- Ensure the implementation and maintenance of security baselines for all systems, applications, and network devices within the CE Cluster.
- Coordinate with IT and OT teams to ensure secure configurations and patch management are applied across all environments.
- Handle cybersecurity incidents, follow up on their closure.
- Continuously evaluate vulnerabilities and follow up on the application of security update packages and settings in the CE Cluster.
- Arrange and contribute to periodic penetration tests on all internal and externally provided services and their technical components to assess the level of cybersecurity in the CE Cluster.
- Ensure that endpoint security solutions are implemented across the systems in the plant and identify inconsistencies in the CE Cluster.
- Conduct periodic scanning and checksums to ensure security status (i.e., YARA rules, queries) in the CE Cluster.
- Conduct periodic simulated phishing attacks.
- Evaluate network security controls, protocols, topologies, and device configurations.
- Conduct periodic network security audits
- Participate in incident response and business continuity management.
- Identify the list of network devices managed by the Cybersecurity Operations function and maintain an updated asset inventory defining criticality and ownership.
- Maintain a baseline configuration for network security assets such as internal/external firewalls, IPS/IDS, NAC systems, anti-DDOS, and VPN, and test firewall and IDS/IPS logs against forensics requirements.
- Schedule periodic configuration reviews to ensure network device configurations follow best practices.
- Document a process for network devices to align with approved security configurations.
- Ensure the implementation of cybersecurity policies, procedures, standards, and controls in strict alignment with NCA regulations (e.g., ECC, OTCC, CCC, TCC) and other relevant KSA regulatory frameworks.
- Conduct regular assessments of cybersecurity posture against NCA standards for both operational assets and projects under construction.
- Ensure cybersecurity considerations are integrated into all phases of new construction projects, from design and procurement to implementation and commissioning, adhering to NCA guidelines.
- Work closely with project teams to ensure cybersecurity requirements are met for Industrial Control Systems (ICS) and Operational Technology (OT) deployed in new facilities as per the OTS.
- Monitor changes in NCA regulations and update internal policies and controls accordingly.
- Maintain compliance with ACWA policies and local regulatory requirements across all activities.
- Participate in cybersecurity risk assessments, identifying potential threats and vulnerabilities to critical assets in both operational and project environments.
- Implement risk mitigation strategies and controls.
- Provide regular reports to management on cybersecurity posture and compliance status.
- Promote a strong cybersecurity awareness culture across the organization.
- Work with third-party vendors, EPCs, and contractors to ensure their compliance with organizational and NCA cybersecurity requirements.
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Michael Carter
I was stuck sending out resumes with no response until I used JobLeads. They made my resume impossible for recruiters to ignore.
Sophie Reynolds
JobLeads' resume review helped me fix critical mistakes, and I started getting interviews almost immediately!
Daniel Fischer
With JobLeads' resume review, my resume went from overlooked to interview-ready in no time!