CYBER SECURITY ENGINEER
BH-283435
Posted: 03/10/2024
- Competitive
- Qatar Doha
- Contract
-
Oil & Gas
Cyber Security Engineer
Purpose of the Job:
With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Chemicals, Construction & Infrastructure, Life Sciences, Mining and Manufacturing sectors worldwide. With more than 80 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.
Purpose of the Job:
- Manage cyber security systems and projects within key operational areas.
- Oversee the design, implementation, and maintenance of cybersecurity measures to protect critical assets and information.
- Collaborate with the OMS(R) section on all cybersecurity matters related to projects and routine maintenance activities.
- Cybersecurity Systems Management:
- Manage and maintain cybersecurity solutions, including corrective and preventive maintenance.
- Oversee patch management, antivirus updates, application whitelisting, network monitoring, and anomaly detection.
- Firewall and User Management:
- Manage firewall rules (add/modify/review/cleanup) and handle domain user and policy management.
- Perform system hardening to safeguard against potential vulnerabilities.
- Incident Response and Monitoring:
- Provide local incident response in case of a cybersecurity incident.
- Investigate and respond to alerts from the Security Operations Center (SOC).
- Cybersecurity Design and Implementation:
- Design, implement, and maintain security systems, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
- Develop security procedures and standards to ensure compliance with industry regulations and best practices.
- Security Incident Investigation and Prevention:
- Investigate security breaches, conduct root cause analysis, and implement corrective actions to prevent recurrence.
- Collaborate with internal teams and external partners to address security concerns and implement security controls.
- Security Audits and Compliance:
- Participate in audits and assessments to evaluate the effectiveness of security controls.
- Ensure compliance with regulatory frameworks and industry standards.
- Awareness and Training:
- Provide security awareness training to staff members to foster a culture of security compliance.
- Stay updated on emerging threats and trends, recommending and implementing security enhancements.
- Documentation and Reporting:
- Maintain accurate records of security configurations, incidents, and remediation activities.
- Collaboration with OMS:
- Collaborate closely with the OMS team, acting as the first level of assurance through hygiene checks, configuration reviews, and support for routine maintenance activities.
- Common Services:
- Build, deploy, and operate centralized industrial cybersecurity services within QatarEnergy's OT Common DMZ infrastructure.
- Network and System Security Design:
- Develop secure network architectures and implement encryption, access management, and other security controls.
- Security Protocol Implementation:
- Configure and deploy security technologies like firewalls and IDS/IPS, establishing multi-layered defense strategies.
- Incident Response:
- Respond promptly to security incidents and recommend preventive measures for future occurrences.
- Vulnerability Management:
- Implement remediation plans for identified vulnerabilities and stay updated on security patches and threats.
- Collaboration:
- Work with various teams and stakeholders to communicate security risks and enforce security policies.
- Continuous Improvement:
- Engage in professional development to stay current with evolving cybersecurity trends and enhance security defenses.
- Bachelor’s degree in Computer Science, Information Security, or related field.
- Professional certifications such as CISSP, CISM, GICSP, and certifications like IEC-62443, GRID, or CEH are recommended.
- Experience in designing, implementing, and maintaining cybersecurity solutions.
- Strong understanding of cybersecurity principles, technologies, and best practices.
- Excellent analytical, problem-solving, communication, and teamwork skills.
- Minimum of 10 years of experience in cybersecurity engineering.
- Hands-on experience with security tools such as SIEM, antivirus, encryption solutions, and firewalls.
- Familiarity with regulatory standards like ISO 27001, NIST, and GDPR.
- Experience working in industrial or plant environments is an advantage, with exposure to DCS, SCADA, and electrical systems.
- Valid driver’s license.
- Willingness to work in challenging environments and respond to security incidents when needed.
With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Chemicals, Construction & Infrastructure, Life Sciences, Mining and Manufacturing sectors worldwide. With more than 80 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.