NOV Africa is seeking a self-motivated ICS Security Engineer to join the Rig Technologies team in Gqeberha. The successful candidate will work directly with technical leaders across the digital products group in the selection, deployment, and validation of cybersecurity controls to reduce exposure and ensure security and compliance requirements are maintained.
The position also entails analyzing our product groups' network designs and software implementations as specified for our customer’s requirements. This position will ensure that controls are relevant, properly documented, and maintained for associated products and services.
DUTIES & RESPONSIBILITIES:
- Collaborate internally and externally with business organizations to create solutions meeting our customer needs while minimizing Cyber security risks.
- Guide technical leaders and business functions on OT network architecture, Compliance, and security-related matters.
- Develop, document, and execute cybersecurity execution plans and schedules.
- Triage and address security alerts reported by OT security systems.
- Continuously develop OT vulnerability and remediation capabilities to enable faster patching and mitigation cycles.
- Evaluate and recommend improvements to enhance the cybersecurity posture of digital products.
- Analyze network designs and software implementations to ensure security compliance.
- Proactively identify risks and active threats to OT systems and applications.
- Perform incident response tasks, including evidence preservation, forensics, and malware/exploit analysis.
- Participate in developing and implementing new products to support security and compliance requirements.
- Develop and maintain cybersecurity technical documentation and guidelines.
- Conduct OT security workshops and awareness training sessions as needed.
- Perform other work-related tasks as assigned.
- Comply with all NOV Company and HSE policies and procedures.
QUALIFICATIONS:
- Bachelor’s degree in Computer Science, Cyber Security, or a related field.
- Security or OT-related certifications are highly desirable, such as CISSP, CISA, CISM, CRISC, or other information security certifications.
EXPERIENCE:
- At least 2 years of work experience in OT environments and ICS security.
- Experience with industrial network protocols such as Modbus, PROFINET, OPC, EtherCAT is essential.
- Knowledge of design, deployment, and assessment of DCS/SCADA systems is desirable.
- Knowledge of ICS security standards, IEC 62443, NIST frameworks, etc., is desirable.
- Experience with PLCs (Allen Bradley, Siemens, Wago), Embedded Windows, Embedded Linux, and RTOS control systems.
- Experience with Windows Servers, Linux/UNIX, enterprise anti-virus, endpoint security, application whitelisting, SIEM, logging configurations, IDS/IPS, authentication methods, TCP/IP, packet capture, and analysis.