Job Description

 

Senior Engineer, Cyber Security - Oman, will assist in design review for new projects, installation, operation, and support IT/OT security systems and controls to ensure they operate properly and remain secure from outside intrusion. In addition, enhancing the capabilities, lifecycle / obsolescence management of IT/OT assets from cybersecurity perspective and keep the company secure to stay ahead of the curve in everything.

 

  • Maintain compliance with ACWA policies and local regulatory requirements.
  • Assist the project teams during design review of IT/OT architecture to make sure that plant design is as per ACWA Power Cybersecurity guidelines (OTS exhibits normally) + plant is designed as per the local legal cybersecurity directives.
  • Ensure the implementation of cybersecurity policies, procedures, and standards.
  • Implement ACWA Power IT/OT SOP (Standard Operating Procedures) framework across critical systems in the respective cluster.
  • Develop and maintain asset log / register for all cybersecurity components (equipment’s) to perform vulnerability assessment and implement risk mitigation actions.
  • Develop disaster recovery plans and execute routine disaster recovery drills.
  • Develop and implement routine backup (online and offline) management for IT and OT systems.
  • Develop obsolescence / life cycle management plan for IT and OT devices with regard to cybersecurity focusing spares availability, patch deployment, etc.
  • Lead the IT/OT internal audit for the region and take ownership in closure of all open action items.
  • Contribute to Conduct risk assessments and follow up on the status of risks and actions taken in coordination with stakeholders.
  • Implementing the cybersecurity awareness and training program and measuring the extent of employees’ commitment to cybersecurity awareness.
  • Follow up on cyber security monitoring systems to ensure their stability and availability and submit reports to describe their status.
  • Ensuring the integration of all critical systems with the corporate (SIEM)
  • Collect cybersecurity events in the information and technology assets of the Cybersecurity Event Logs Management and Monitoring (SIEM) system, analyze the logs, and identify cybersecurity risks.
  • Handling cyber security incidents and following up on their closure, and escalation of existing events that exceed a defined service level agreement.
  • Continuous evaluation of vulnerabilities and follow-up application of security update packages and settings.
  • Arrange and Contribute to the periodic penetration tests on all internal and externally provided services and their technical components to assess the level of cybersecurity.
  • Managing Logical Access to Information and Technology Assets by defining cybersecurity requirements for managing access identities and permissions, documenting and implementing them.
  • Create and install the required endpoint protection such as anti-virus, firewalls, etc. based on the gaps identified in the analysis conducted by ACWA.
  • Ensure that endpoint security solution is implemented across the systems (IT and OT) in the plant and identify inconsistencies.
  • Maintain up-to-date signatures on the endpoint security agents (IT and OT).
  • Conduct periodic scanning and checksum to ensure the security status (i.e. YARA rules, queries).
  • Conduct periodic simulated phasing attacks.
  • Evaluate the network security controls, protocols, topologies, and device configurations.
  • Analyze log files related to network traffic, firewalls, IDS, IPS, and DNS. Identify any suspicious activity and its effect on the plant data and systems.
  • Implement and test the firewalls, IDS, and IPS systems.
  • Conduct periodic network security audits.
  • Participate in incident response and business continuity management.
  • Manage VPN profiles and access.
  • Identify the list of network devices managed the Cybersecurity Operations function and maintain an updated asset inventory defining the criticality and ownership.
  • Maintain a baseline configuration for the network security assets such as internal/external firewalls, IPS/IDS, NAC systems, anti-DDOS, and VPN and test firewall and IDS/IPS logs against forensics requirements.
  • Establish guidelines for encrypting email communications and digitally signing emails and integrate with DLP solution once deployed.
  • Schedule periodic configuration reviews to ensure network device configurations follow best practices.
  • Document a process for network devices to align with approved security configurations.
  • Contribute to the annual budget for cybersecurity as well as the annual budget of the project company and the plant in the respective site.
  • Manage and monitor the financial performance against the approved budget.
  • Follow up with EPC and the project company during the construction phase to ensure the implementation of cybersecurity requirements in the OTS and O&M agreement.
  • Lead the internal and external cybersecurity audits and implement the resolution of observations.
  • Contribute to the annual audit of the ISO 27001 ISMS certification.
  • Deploy all the requirements of ISO certifications including information security and digital business continuity management.
  • Ensure data gathering from all critical IT/OT systems to ACWA Power data lake in coordination with digital operations, cybersecurity, and I&C teams.

 

Who will fit:

  • Bachelor degree holder in IT Engineering or Computer Science
  • Working knowledge of electrical installations
  • Working knowledge in CSP, PV and Wind technologies is an added advantage
  • 5+ years’ experience the IT / Cybersecurity operation

 

Skills

 

  • Strong Understanding of multiple IT technologies and processes.
  • Direct skills of Cybersecurity operations
  • Ability to analyze and resolve complex issues both logical and interpersonal.
  • Strong knowledge on Cybersecurity monitoring and compliance.
  • Excellent knowledge of IT policies and regulatory requirement
  • Ability to evaluate new technology from a commercial lens
  • High understanding of data analysis and budgeting
  • Effective verbal and written communications skills
  • Ability to negotiate and defuse conflicts
  • Manage ambiguity: Ability to take decisions and operate in ambiguity
  • Collaborates: High communication and interpersonal abilities.
  • Ensures accountability: High commitment to the work and deliver high performance

 

 

Salary

0 - 0 AED

Monthly based

Location

Muscat , Oman

Job Benefits
Coworking budget
Job Overview
Job Posted:
1 month ago
Job Type
Full Time
Job Role
Engineer
Education
Bachelor Degree
Experience
5+ Years
Total Vacancies
1

Job Tags:

Share This Job:

Location

Muscat , Oman