Key Accountabilities
• Responsible for leading overall OT/IT cyber security for major IT/OT projects.
• Responsible for developing the Cyber Security Plan for the project and obtaining approval from the Client.
• Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity framework
• Reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properly. Monitor deployment of network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, etc.), and virtualization solutions
• Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework.
• Responsible for reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if the proposed configuration meets project requirements and industry standards
• Responsible for reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations and working with the IT/OT systems vendor to comply with the applicable cybersecurity framework
• Review administrative, technical, and physical security controls proposed by the IT/OT vendor and provide recommendations to mitigate the identified security risks
• Participate in and contribute to cyber security workshops and vulnerability and risk assessments with ICSS vendors to identify security risks and threats (e.g., unsecured remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and provide recommendations to remediate the identified issues; prepare, update, and maintain reports, and coordinate with all parties to close out action points
• Review and comment on vendor-submitted detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed.
• Responsible for handling technical queries/issues from all stakeholders, and for document review/approval of automation products and vendors.
• Responsible for leading and participating in the ICSS cyber security test at ICSS

Travel to the client’s site/ JV Partner location as and when required

The candidate is expected to adhere to the 9 Life-Saving Rules and the Petrofac Values and Behaviours.

• Support compliance activities, thereby reducing the risk of non-compliance.

• Ability to come up with solutions to problems.


Knowledge & Qualifications
• Bachelor’s Degree in Cyber (IT/OT) Security / Electronics / Electrical / Information Technology / Computer Science Engineering with a minimum of 12 to 15 years of hands-on work experience in Industrial Automation Projects and familiarity with all major ICSS vendor architectures.
• Experience in implementing large scale (multi-site) Industrial Automation network and OT cyber security
• A minimum of 5 years of experience in assessing, architecting, designing, and implementing cyber security capabilities, including incident response, threat intelligence, security monitoring, and vulnerability management
• Deep understanding of cybersecurity terms and principles (defense-in-depth, network segmentation, security monitoring and incident response, access management, OT patch management, secure remote access, anti-malware protection etc.).
• Advanced knowledge of networking (LAN/WAN) and industrial networking, including significant low-level networking experience with TCP/IP (Transmission Control Protocol/Internet Protocol).
• Solid knowledge of IT and OT infrastructure, including ICSS security and protection.
• Current knowledge of technology capabilities and trends, and of the types and techniques of hacking attacks.
• A background in OT and ICS system security administration and/or development.
• Certified Information Systems Security Professional (CISSP) or any equivalent certification such as Certified Ethical Hacker (CEH), CompTIA Security+, ISA/IEC 62443 Cybersecurity Specialist certification, or Global Industrial Cyber Security Professional (GICSP).
• Strong understanding of cybersecurity frameworks for ICS/OT environments
• Strong understanding of OT network communication protocols, industrial networking topologies, as well as L2/L3 networking and architecture.
• Experience with NIST SP 800-82, IEC 62443 / ISA99, NERC CIP, IEC 27002, ISO/IEC 15408, BSI TL-02103, etc. is preferred.
• Comprehensive knowledge of internet protocols, firewalls, proxies, and intrusion detection/prevention systems.
• Familiarity/Knowledge of the Purdue Enterprise Reference Architecture (PERA)
• An ability to work autonomously, cooperatively, and remotely from the corporate office with other locations.
• Excellent problem solving, critical thinking, and analytical skills with the ability to deconstruct problems.
• Familiarity with the threats, vulnerabilities, and exploits in ICS environments, and appropriate mitigation techniques
• Candidates with OT working experience are preferred.
• Good presentation, training, and communication skills to both internal and external stakeholders
• Strong time management skills including ability to meet deadlines and manage priorities
• Effective technical writing skills in English
• Candidates possessing a strong command of the Spanish language, coupled with excellent English skills, are preferred.
• BOSIET (Basic Offshore Safety Induction and Emergency Training)

Skills & Competencies
• Dedication to the allotted work by taking ownership.
• Good Communication and Social Skills
• Adhere to time management and deliver to the expectations.
• Problem solving ability.
• Ability to work in a team

