OT Cybersecurity Analyst

Date: 13-Aug-2022

Location: SA

Company: Advanced Petrochemical Company

Brief Job Description:

  • Deploy and maintain network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, IPS etc.), and virtualization solutions.
  • Deploy and monitor security hardening and follow configuration procedures.
  • Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, POC, mitigation, etc.) as needed to support projects.
  • Manage ICS hardware & software assets inventory and assessing assets for security vulnerabilities, obsolescence, and other risks.
  • Participating in the change management process.
  • Conduct regular vulnerability assessment & patch management.
  • Participate in asset commissioning & decommissioning activities as well as provisioning and de-provisioning of OT systems access.
  • Reviewing administrative, technical, and physical security controls and providing recommendations to mitigate the identified security risks.
  • Ensure compliance and adherence to the organization and government’s cyber security controls.
  • Participate in ICS projects and changes to ensure proper implementation of cyber security requirements.
  • Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
  • Define system security context, concept of operations and baseline requirements in line with applicable cybersecurity policies.
  • Utilizes tools and technologies to facilitate database backup and migration.
  • Participate in OT security incident response and investigations.
  • Provide periodic reporting on information security issues.

 

Education:

  • Bachelor's Degree in IT major, Computer Science, Computer Engineering or any related field.
  • GIAC certifications (e.g. GICSP, GRID, Critical Infrastructure Protection)
  • ISA/IEC 62443 Cybersecurity Certificates
  • Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)

 

Experience:

  • 5 years of experience in OT cybersecurity or relevant field.

 

Skills & Competencies:

  • IT systems deep knowledge (x86/64 architecture / assembler (ARM and/or MIPS would be an advantage), Windows and Linux internals, popular file systems and executable file formats)
  • Knowledge of network components, their operation and appropriate network security controls and methods and understanding of risk assessment, mitigation and management methods.
  • Knowledge of the national cybersecurity regulations and requirements relevant to the organization and relevant legislative and regulatory requirements.
  • Understand OT Protocols including VNet IP, ModBus and Standard OPC protocols.