Roles and responsibilities
Roles in this level have prime responsibility to implement and maintain the established Cyber Security procedures and controls for all Automation systems. Ensures that all the established Cyber security controls for various domains of OT Cyber security are implemented by all the Automation groups. Continuously monitor the installed Cyber solutions and keep them updated with latest security updates and threat feeds. Continuously monitor the control system for potential cyber vulnerabilities and implement the vulnerability management program.
Participate in risk analysis of the implemented Cyber controls on a regular basis and execute risk reduction strategies. Actively participate in the Incident management process and maintain Disaster Recovery Plans.
Key Accountabilities:
- Ensure the Automation systems remain protected against cyber threats by implementing all the identified Cyber security controls to achieve highest on-stream factor of the production plants.
- Regularly follow up the compliance requirements set by company to protect the automation assets and to ensure business continuity.
- Execute and support various Automation Cyber Security Projects, prepare cost proposal and coordinate - engineering tasks, planning, procurement, manpower hiring, erection & commissioning.
- Work closely with all stake holders and vendor representatives, conduct necessary project meetings and acceptance tests.
- Follow company procedures for change management.
- Planning, prioritization, execution, and monitoring of engineering activities to ensure compliance to sound engineering principles and practices.
- Develop new control strategies for enhanced cyber protection.
- Participate in the analysis of Automation cyber incidents, involve vendors as required to establish root cause and implement the corrective / preventive actions.
- Organize the gathered information to improve the Automation System availability / uptime.
- Maintain the existing frame contracts.
- Spares planning and periodic review of ROL, based on consumption, to ensure spares availability.
- Keep informed of technological developments in area of responsibility to identify and recommend opportunities for increased effectiveness and/or cost reduction.
- Work closely with Cyber solution suppliers and keep up to date with the latest development.
- Review inputs for development of group operating budget ensuring adequate provision has been made for the funding of all anticipated activities.
- Monitor performance against approved levels to ensure effective cost control.
- Ensure that the technical Documentation are current.
- Continuously monitor and optimize the work process and execution.
- Training of new and/or trainee Engineers to ensure that they are equipped with the necessary skills to independently perform their tasks. Exchange knowledge with colleague Engineers.
Desired candidate profile
- Bachelor’s degree in Electronics & Instrumentation Engineering or relevant discipline.
- 5 years direct and relevant experience.
- Certification in Network Management and Cyber security from ISA/CISCO / Microsoft is preferred.
- Working knowledge with various Automation Systems (Honeywell, Triconex, Siemens, ABB, Allen Bradley, GE Mark VI & VIe).
- Having knowledge of data backup and data restore policy. Develop and implement the data backup and data restore procedures and systems necessary to ensure complete information systems (IS) disaster recovery capability.
- Understand networking topologies and protocols.
- Understand the data protection and security software used in the organization.
- Know the purpose, theory and operation of compressor control systems and system components; utilize correct operation and monitoring procedures. Refer to Bently Navada System. Woodward speed control and Triconex, Trident and Trisen Systems.
- Know and apply national and international codes, standards and recommended practices used in the oil and gas industry related to DCS, ESD, F&G, SCADA and Instrumentation systems.
- Know how a distributed control system (DCS) operates; identify purpose of components and auxiliary systems; utilize correct maintenance and troubleshooting procedures and methods and recognize and protect personnel from hazards.
- Know how integrated control and safety system (ICSS) Triconex, Honeywell Safety manager operate, the purpose of components and auxiliary systems, and correct maintenance and troubleshooting procedures and methods and recognize and protect personnel from hazards.
- Know how to identify cybersecurity threats or incidents, respond to network attacks and remediate them, and how to restore the systems or infrastructure.
- Know the procedure for management of change; update drawings and documentations for changes to facility equipment or process, understand management of the changes via company management of change system.