ICS Cybersecurity Specialist
Job Purpose / Objective
Hands-on responsibility for Industrial Control Systems (ICS) Cyber Security inclusive of protection, detection, response, and recovery for Windows-based operating systems and network levels 0 through 3.5 as per ISA/IEC 62443. Ensure compliance with company standards for both networked and standalone ICS/OT devices. Develop, enhance, and maintain the company's ICS Cyber Security capabilities through adoption of the ISA/IEC 62443 standards and supporting tools (e.g. vulnerability assessment, IPS, SIEM, etc.).
Key Accountabilities
Routine Duties
- Establish a Cybersecurity management system and framework for the company.
- Develop and implement necessary Cybersecurity standards, policies, procedures, and risk assessment framework.
- Plan and facilitate internal and external audits to identify ICS Cybersecurity gaps and vulnerabilities.
- Manage patch deployment for Windows devices in network levels 0 through 3.5 as well as standalone devices.
- Identify obsolete Operating Systems (OS) and plan for necessary upgrades through vendor consultation.
- Consolidate standalone devices (e.g., laptops used for PLC configuration).
- Prepare for internal ICS audits by completing configuration review sheets for all workstations, servers, switches, firewalls, and routers in the OT environment. Correct deficiencies and document deviation and remediation plans.
- Prepare for internal ICS audits by participating in and documenting compliance of all workstations, servers, switches, firewalls, and routers in the OT environment with company policies and procedures.
- Participate in the design of cyber solutions for the OT environment (e.g. SIEM, IPS, ATP).
- Monitor patch deployment, anti-virus, SIEM, IPS, ATP and related systems and respond to and investigate alerts.
- Perform detailed, post-event analysis of cyber events and direct needed incident response procedures.
- Perform detailed technical analysis of industrial control systems (ICS) and cyber security controls.
- Participate in vulnerability assessments and administrative audits on client computer systems and network devices considering the sensitivity of operational technology testing.
- Identify cyber security gaps and recommend mitigation strategies to address gaps.
- Maintain knowledge of the cyber security capabilities of operating systems, networking devices, control systems, and vendor offerings.
- Maintain a broad knowledge of current and emerging state-of-the-art computer and network systems technologies, architectures, and products.
- Resolve technical issues considering operating impact and communicate issue resolutions to OT organizations.
- Secure operational technology networks.
- Design comprehensive technical solutions that meet compliance requirements and implement appropriate software to mitigate critical security risks (e.g., system and antivirus software, encryption modules, patch management programs, insider threat protection, incident response plans, forensic capabilities, and regulation compliance).
- Lead collaboration efforts with other cyber security experts on the team to develop well-constructed approaches to ICS risk management, mitigation, and monitoring strategies.
- Secure systems running ICS-related communications protocols (e.g., MODBUS, PROFIBUS, etc.).
- Develop simulated ICS environments within a virtual infrastructure.
- Participate in MOC / PSSR processes.
Policies, Systems, Processes and Procedures
- Maintain a working knowledge of applicable cyber security standards including those relating to process networks.
- Provide input to the planning, design, development, and implementation of technical controls, procedures, and policy associated with compliance to regulatory requirements, cyber security guidance, and standards.
- Contribute to the identification of opportunities for the continuous improvement of systems, processes, and practices in order to increase productivity and operational efficiency.
- Implement all relevant section policies, processes, procedures, and instructions so that work is carried out in a controlled and consistent manner.
Quality, Health, Security, Safety and Environment
- Ensure compliance with Life Critical Procedures, Tenets of Operations, Consent to Operate, plant policies and procedures, Daily Operating Instructions, Standard Operating Procedures (SOPs), Job Safety Analyses (JSAs), MOC processes, and Quality Management System.
- Participate in safety activities to ensure regulatory, health, safety, security, environmental, and quality compliance.
- Carry out plant walk-downs and audits to ensure work is being performed safely and that plant safety systems are enabled. Coordinate efforts to correct discrepancies.
- Actively participate in shift toolbox meetings, JSAs, and other safety-related meetings.
- Execute Stop Work Authority and take immediate corrective actions to stop unsafe behaviours.
Reporting
- Communicate ideas, present, and explain technical knowledge to stakeholders.
- Provide training to organizational employees regarding protective ICS cyber security measures and the understanding of social engineering risks and tactics.
- Prepare timely and accurate recaps and reports in order to meet departmental requirements, policies, and standards.
- Inform the Supervisor of issues that require additional follow up.
- Report incidents and near misses and participate in investigations as required.
Qualifications & Experience
Education
Required (Qualification / Discipline): Bachelor's degree in Electrical Engineering, Electronic Engineering, Process Control Engineering, Instrumentation Engineering, Engineering Technology, Physical Engineering, Automation Engineering, Mechatronics Engineering, Cyber and Networking Security, Computer Engineering, or Science majoring in Information Technology.
Preferred (Qualification / Discipline): Master's degree in Electrical Engineering, Electronic Engineering, Process Control Engineering, Instrumentation Engineering, Engineering Technology, Physical Engineering, Automation Engineering, Mechatronics Engineering, Cyber and Networking Security, Computer Engineering, or Science majoring in Information Technology.
Experience
Required (Years / Job Level / Industry): 5+ years' experience in control systems engineering, DCS/PLC/SIS support, instrumentation maintenance, or related operational role in Oil & Gas or chemical manufacturing environment. 3+ years' experience in ICS/OT Cyber Security.
Preferred (Years / Job Level / Industry): 7+ years' experience in control systems engineering, DCS/PLC/SIS support, instrumentation maintenance, or related operational role in Oil & Gas or chemical manufacturing environment. 5+ years' experience in ICS/OT Cyber Security.
Other Job Specific Requirements and/or Vocational Accreditations
- Highly experienced with the Windows OS, Active Directory (AD), Group Policy Objects (GPO), security, and related items.
- One or more of the preferred certifications listed below, equivalent certification, or verifiable hands-on experience.
- Working knowledge of ICS cyber security related standards including ISA/IEC 62443.
- Working knowledge of system security design, defense-in-depth and breadth, information domains, authentication and authorization, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, and security testing.
- Ability to research and engineer new security solutions and write opinion papers, proposals, and presentations.
- Understands the threat landscape of network-connected ICS technology.
- Understands fundamentals of technical security risk assessment.
- Experience with cyber security vulnerability assessments, penetration tests, and the tools and techniques involved in both.
- Experience in the capabilities and configuration of cyber security controls, specifically those relating to firewalls, intrusion detection systems, access control, authentication, anti-virus and anti-malware, patching and hotfix, and logging.
- Experience with corporate policies and procedures and/or technical writing skills.
- Experience with network routing, switching, and TCP/IP.
- Experience with physical cabling for network communications and control system I/O.
Preferred Skills
- ISA 62443 Level 1/2/3 certified.
- CISSP Certified - Certified Information Systems Security Professional.
- GICSP certification preferred - Global Industrial Cybersecurity Professional.
- CCNA / Network+ certified.
- MCSE Certified preferred - Microsoft Certified Systems Engineer.
- Experience with at least one of the following DCS systems: Emerson, Honeywell, or Yokogawa.
- Experience in Oil & Gas or chemical manufacturing environments.
- Excellent interpersonal and group dynamic skills.
- Strong written and verbal communication skills.
- Ability to manage and deliver multiple projects concurrently.
- Knowledge of national ICS Security Standards is a plus.
Note: This is a hands-on position with considerable field work in an industrial, 7x24 chemical manufacturing environment.
Languages
Required (Language / Level): English - proficient
Preferred (Language / Level): Arabic - working knowledge is a plus