Ics Cybersecurity Engineer

We are seeking an **ICS Cybersecurity Engineer **to ensure that the organization’s cybersecurity program complies with applicable requirements, policies, and standards. Assists in creating policies and procedures to help reduce risk, meet regulatory requirements, and best business practices. Develop awareness materials and phishing test scenarios.

**OUR CLIENT**

Our client is a world leading Refinery & Petrochemical Company located in Rabigh. By adding value to the nation’s key resources they are attracting diverse new industries and creating jobs, enriching life for everyone by generating sustainable economic and social development.

**LHR GLOBAL**

The job opportunity you have long for has more competition than ever. LHR Global has created a series of products that guide in every stage of the process so you can turn it into a real job offer.

**QUALIFICATIONS**
- Bachelor Degree in IT major, Computer Science. Computer Engineer.
- Certified SCADA Security Architect (CSSA)
- GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection)
- ISA/IEC 62443 Cybersecurity Certificates
- Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)
- Knowledge of network components, their operation and appropriate network security controls and methods and understanding of risk assessment, mitigation and management methods.
- Knowledge of relevant cybersecurity aspects of legislative and regulatory requirements, relating to ethics and privacy and the principles of cybersecurity and privacy.
- Knowledge of cybersecurity related threats and vulnerabilities and knowledge of the likely operational impact on an organization of cybersecurity breaches.
- Knowledge of cybersecurity authentication, authorization and access control methods and business practices within organizations.
- Knowledge of the national cybersecurity regulations and requirements relevant to the organization and relevant legislative and regulatory requirements.
- Knowledge of what constitutes a threat to network security and knowledge of relevant laws, legal authorities, restrictions and regulations that govern and are applicable to cybersecurity activities.
- Knowledge of who is developing the organization’s strategies, policies and plans are, along with their contact details and their expectations.
- Knowledge of national and organizational document and information classification and marking standards, policies and procedures.
- Knowledge of network components, their operation and appropriate network security controls and methods.
- Knowledge of cybersecurity aspects of business continuity and disaster recovery planning and including testing.
- Knowledge of host and network access control mechanisms.
- Knowledge of best practices for incident response and incident management.
- Knowledge of host-based and network-based intrusion detection methodologies and techniques.
- Knowledge of best practice network traffic analysis methods.
- Knowledge of system administration, network management and operating system hardening methods.

**DUTIES AND RESPONSIBILITY**
- maintain network infrastructure: Deploy and maintain network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, IPS etc.), and virtualization solutions.
- Reviewing network and security products and determining if they are configured properly.
- Reviewing security policies and develop operational instruction manuals.
- Managing hardware and software security life cycle.
- Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, POC, mitigation, etc.) as needed to support projects.
- Taking inventory of the plant’s hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks.
- Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity framework.
- Participating in the change management process.
- Provisioning and de-provisioning of OT systems access.
- Maintains Cybersecurity requirements:

- Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls.
- Troubleshooting security and network problems in ICS/OT.
- Reviewing administrative, technical, and physical security controls and providing recommendations to mitigate the identified security risks.
- Ensure compliance and adherence to the organization and government’s cyber security controls.
- Participate in ICS projects and changes to ensure proper implementation of cyber security requirements.
- Deploy cybersecurity patches to ICS/OT systems.
- Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
- Employ secure configuration m