Company: North Oil Company
Skills: IT - Analysis & Management, IT - Programming & Database, Instrument & Controls Engineer
Experience: 7 + Years
Education: Bachelors/3-5 yr Degree
Employment Type: Full Time Salaried Employee
Location: Doha, Qatar
No location/work authorization restrictions found.


This is a permanent position based in the main office on residential status under Field Operations.

 

Accountabilities

  • Ensure compliance and adherence to NOC's cyber security controls.
  • Develop, implement, operate and maintain security solutions/controls within ICS infrastructure such as firewalls, IPS, patching solution, Active Directory, backup and restoration, secure remote access and endpoint security.
  • Maintain ICS asset inventory including software, firmware and hardware details in support of cybersecurity and daily operation.
  • Liaise with the information security team to facilitate cyber security assessments, performance reporting and projects planning and implementation.
  • Ensure that all outstanding observations and non-compliances result from the assessments and audits are mitigated within the committed timeframe.
  • Participate in ICS security projects and changes within the business unit to ensure proper implementation of cyber security requirements.
  • Participate in ICS security incident response through all phases.

 

Activities

HSE

  • Participate in, and comply with related HSE activities
  • Ensure Information security monitoring and response activities do not compromise health and safety intentionally

Information Security

  • Liaise with the information security team to facilitate cyber security assessments, performance reporting and projects planning and implementation.
  • Participate in Cyber security incident response through all phases and act as a member of Computer Incident Response Team (CIRT)
  • Liaise with information security team to support the OT Cyber security program and provides status updates and reporting to the OT cyber Security Steering committee about the implemented mitigations and cyber security controls.

Industrial Control Systems (ICS/OT) operation Security

  • Execute day-to- day cyber security technical operation within the business segments to ensure alignment of all process and operational aspects with NOC's information and cyber security policies and requirements.
  • Maintain up-to-date ICS assets inventory by operating and managing the Asset management tool.
  • Manage and keep track of assets obsolescence and proactively coordinate with relevant stakeholders to implement the required actions.
  • Keep track of applicable ICS vulnerabilities and coordinate with relevant vendors/third parties to implement the recommended mitigations.
  • Manage and operate the antivirus system to ensure the connected and standalone endpoint are updated periodically.
  • Manage and operate the patch management system i.e. WSUS to ensure the connected and standalone endpoint are updated periodically
  • Implement and operate the account management process either through Active Directory or locally for operating systems, network devices and ICS applications i.e. account creation, modification, deactivation and period access review.
  • Perform periodic systems backups and restoration tests as per the agreed backup schedule and ensure preparation for the disaster recovery activities.
  • Harden the operation systems, ICS applications and networks devices as per NOC requirements.
  • Develop and implement standard operating procedures and processes as need to support the daily operations.
  • Participate in Change Management activities
  • Participate in identifying risks in Operational Technology and when they potentially impact process safety or life safety.
  • Implement mitigation actions for audit and risk assessment to address identified gaps and coordinate the identified mitigation actions with all relevant stakeholders.
  • Perform periodic logs review and monitoring to detect anomalies

 

Qualifications & Experience:

  • Bachelor's Degree and/or Master's degree in Computer Science, Engineering, Information Systems or Control Systems
  • 7+ years of experience in Industrial Control System or Technology experience with detailed understanding of distributed control system (DCS) and supervisory control & data acquisition (SCADA) architecture and the role of common system components.
  • 4+ years' hands on experience in a similar role (ICS operation Security).
  • Working experience in Oil and Gas experience (or manufacturing industries). Offshore Oil and Gas experience is preferred.
  • Preferred professional certifications: SANS ICS certifications GICSP
  • Strong communication skills, including written, oral and presentation skills and must be fluent in English.
  • Must be capable of working independently and collaboratively.