Cyber Security Professional

Job Title: Security Measures Engineer (ICS & SIS)

Key Responsibilities:

• Security Measures Engineer:
• Implement and monitor robust security measures to protect ICS and SIS systems, their associated networks, and sensitive information to ensure a secure environment.
• System Security Requirements:
• Identify and define system security requirements for ICS/SIS systems to ensure comprehensive protection from internal and external security threats.
• Security Assessment:
• Perform high-level gap assessments and risk assessments to identify critical assets, vulnerabilities, and gaps in current security measures and define improvement strategies in line with IEC 62443 standards.
• Security Architecture:
• Design and develop detailed cybersecurity architectures based on industry-standard blueprints and best practices, ensuring robust protection for ICS environments.
• Backup Solutions and Management:
• Implement and manage system backup technologies (e.g., Acronis, Veritas, Veeam) to safeguard against data loss, overseeing installation and deployment for both factory and customer environments.
• Threat Detection and Vulnerability Monitoring:
• Implement and manage security solutions such as Claroty or Nozomi to detect and monitor threats, and remediate vulnerabilities by taking appropriate actions based on risk scores for customers.
• Endpoint Security:
• Deploy and manage endpoint security solutions (e.g., McAfee) and SIEM solutions (e.g., McAfee, Splunk, QRadar) for comprehensive threat detection and response across ICS networks.
• Network Security:
• Implement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, Cisco), troubleshoot networks, and deploy intrusion detection products to protect against cyber threats.
• Network Management:
• Install and manage network management solutions such as SiNEC NMS, SolarWinds, and WhatsUp Gold to optimize network performance and security.
• Firmware Updates:
• Conduct firmware updates for automation control systems, switches, and firewalls to maintain system security and performance.
• Domain Controller Configuration:
• Configure and deploy domain controllers and policies to defined computer groups in line with ICS system security guidelines.
• Host-Based Security:
• Implement host-based security technologies, including antivirus, data leakage prevention, and host IPS, as well as whitelisting and anomaly detection tools for ICS systems.
• Installation and Testing:
• Perform installation, configuration, and testing activities both in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT) to ensure secure deployment of systems at customer sites.
• Documentation:
• Prepare comprehensive system documentation such as functional design specifications, backup systems, firewall configurations, network diagrams, system architectures, asset inventory, and FAT/SAT procedures.

Your Success is Grounded in:

• Experience:
• 5 to 6 years of experience in OT security systems design, implementation, and consulting, including hands-on experience with industrial automation systems.
• Cybersecurity Expertise:
• Proven experience in cybersecurity, specifically within ICS environments, ensuring that industrial systems are protected against cyber threats.
• Security Assessment & Risk Management:
• Ability to perform high-level gap assessments and risk assessments in accordance with IEC 62443 standards to identify security gaps and implement improvements.
• Tool-based Vulnerability Assessment:
• Experience in tool-based vulnerability assessment for SUC, reviewing network device configurations, and implementing remediation measures.
• Review & Document Security Policies:
• Expertise in reviewing existing cybersecurity policies, guidelines, and procedures, identifying and documenting related vulnerabilities to strengthen overall security posture.
• Security Solutions Management:
• Proficiency in managing and implementing backup technologies, endpoint security, SIEM solutions, and network firewalls from leading vendors like McAfee, Splunk, Fortinet, Cisco, etc.
• Firmware Updates and Network Management:
• Hands-on experience with network management solutions and performing firmware updates to maintain system integrity.
• Configuration Skills:
• Expertise in configuring domain controllers and deploying host-based security technologies to enhance security for industrial control systems.
• Documentation & Testing:
• Strong documentation skills with experience preparing FAT and SAT procedures, system architecture documents, and operational maintenance manuals.

Qualifications:

• Bachelor's Degree in Engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred.
• Certifications:
• Valid certification in OT security (e.g., CISSP, GICSP, OSCP) is an additional advantage.