Senior OT Pentester

We have been present in Qatar for over 35 years and with over 350 employees to date and we are growing rapidly. Thales in Qatar is part of our Middle East business that has 1,800 people across Egypt, Iraq, Kuwait, KSA, Lebanon, Oman, Pakistan, Qatar and UAE. Our people are working on two major urban rail projects; the Doha Metro and Lusail Tramway and providing security and communications systems for Hamad International Airport and Doha Port as well as delivering world-class In-Flight entertainment and Connectiivity systems. JOB OBJECTIVE Work with the Lead cyber consultant and the Project manager to deliver all required works. They will be mobilized at the start of the pentesting activities and working on-site in the customer premises or in the Thales labs in Doha. ROLES & RESPONSIBILITIES • Application and OT infrastructure security configuration • Network security & OT architecture • Penetration testing of applications, OT systems and networks • Information security organization, standards, and risk management • In addition, you will: • Lead audits, document work performed, draft the audit report and present of the audit conclusions to the management • Follow up security audit issues and recommendations to verify the proper remediation • Contribute to the development and the maintenance of our “Cyber Security audit Lab” and tool • Recommend policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data • Conduct risk and vulnerability assessment to planned and installed information systems to identify vulnerabilities, risks, and protection needs • Promote awareness of security issues among management and ensure sound security principles are reflected in organization vision and goals • Conduct system security evaluations, audits, and reviews, • Recommend systems security contingency plans and disaster recovery procedures • Recommend and implement programs to ensure that system, network and data users are aware of, understand, and adhere to system security policy and procedure • Participate in network and systems design to ensure implementation of appropriate systems security policies • Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes • Assess security events to determine impact and implementing corrective actions • Ensure the rigorous application of information security/cybersecurity policies principles, and practices in the delivery of all IT services • Additional duties: • Support our Business & Development and Sales team and offer preparation • Perform trainings and workshops on cyber security topics • Support authorization and accreditation (A&A) efforts, to include assessing and guiding the quality and completeness of A&A activities, task, and resulting artifacts mandated by governing DoD and Air Force policies (i..e., Risk Management Framework (RMF)) • Develop and give presentations to leadership • Performing as a team member: understanding personal and team roles; contributing to a positive working environment by building solid relationships with team members and proactively seeking guidance, clarification, and feedback