Senior Engineer, Asset Management (OT Security)

Full Time
Job Description

About the Job

  • Monitor Industrial Control networks for security threats or unauthorized users.
  • Identifies compromised machines and report on security measures taken to address threats, analyse security risks and develop response procedures.
  • To maintain security tools, servers. Prepare budget for security hardware and software.

Key Responsibilities

Procedures and Policies

  • Review the cyber security procedures and policies for all ICS systems including the third-party systems and advise on the required solutions for protecting the critical infrastructures from emerging cyber-attacks.
  • Review and implement Data Classification & Media Handling for OT systems

Servers, Switches-Daily Maintenance

  • Directs and supervises all the administration activities related to servers or network devices
  • Puts plans and procedures to maintain and upgrade the Windows updates/upgrades and the hardware of the servers and networking devices.
  • Managing and administering the patch management activities for respective OT assets & technical review as well as approval of all the patch for its applicability, impact, and criticality within OT.
  • Ensures periodic review of User accounts of the assets and applications in the ICS and third-party systems.
  • Creating, modifying, disabling, deleting OT systems user accounts.
  • Overall network operations activity to support the OT assets and its applications for communications & implementation, management, and support of all network components such as network switches, routers, NMS etc.
  • Ensure the endpoint security is as per ADNOC OT cybersecurity specifications.

Analysis and Report

  • Leads the risk assessment process for identifying the ICS cyber security gaps

Coordination of External Consultants and Contractors

  • Coordinates and supervises the work of external consultants, contractors or engineers related to cyber activities.
  • Follows up on their work progress and performance, approves time sheets for manpower allocation and time spent, and presents invoices for payment as appropriate.

Projects Participation with Vendors

  • Participates in reviewing technical design and Security engineering and provides inputs related to these projects.
  • Ensures proper implementation and participates in acceptance tests on behalf of the mentioned cyber projects.

Coordination among ADNOC Refining Departments

  • Coordinate with ADNOC OT Security teams to ensure proper implementation of cyber security for the connectivity between ICS systems and business networks. And coordinate with different department to ensure integration with each other.

Plan And Disaster Readiness

  • Develops/assist the worst-case scenario and mitigation plan for ICS cyber security attacks.
  • Business Continuity Management – Incident Response & Disaster Recovery of OT Assets.

Change Management Process

  • Develops a change management process to ensure proper secure implementation of cyber security controls to avoid affecting production when implementing cyber security solutions

Data Backup & Disaster Recovery plan (DRP)

  • Perform daily, monthly, and yearly data and database’s backup at RR. Backup and Restoration shall include the main DCS/SCADA/third party and package systems.
  • Performs some restoration tasks from times to time to be sure the validity of the backup and the DRP and that the tapes were kept in safe place.

Minimum Requirements

  • Bachelor Degree in Engineering or relevant degree
  • At least 8 years experience in the same or similar role working in an oil and gas industry