Cybersecurity Engineer

Roles and responsibilities

• Engineer, implement, and monitor security measures for the protection of ICS systems or SIS systems, related networks, and information, while identifying and defining system security requirements.
• Design ICS systems security architecture and develop detailed cybersecurity designs adhering to standard blueprints and best design practices.
• Engage in the entire software/system lifecycle, encompassing design, documentation, installation, configuration, and testing.
• Manage System Backup technologies like Acronis & other providers, including installation and deployment.
• Deploy and Manage End Point Security & Application Control Solutions from McAfee & other providers, as well as SIEM solutions like McAfee, Splunk, Q-radar, & other providers.
• Implement and manage network-based firewalls (e.g., Fortinet, Palo Alto, CISCO, SonicWALL, Siemens, etc.), network troubleshooting, and intrusion detection products.
• Install and manage Network Management Solutions.
• Conduct firmware updates for various Automation Control Systems, Switches, Firewalls, etc.
• Configure and deploy Domain Controller settings and policies to defined computer groups.
• Implement host-based security technologies such as Antivirus, Data Leakage Prevention, Host IPS, Whitelisting, and Anomaly Detection.
• Perform installation, configuration, and testing activities at both factory (manufacturing facility) and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT).
• Prepare comprehensive system documentation including Functional Design Specifications, Backup Systems documentation, Firewall configurations, Network Diagrams, System Architectures, Asset Inventory, FAT and SAT procedures, and Operation & Maintenance manuals.i

Desired candidate profile

• Education and Certifications:
• Bachelor’s degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred.
• Valid certification in OT security (e.g., CISSP, GICSP, OSCP) are highly desirable.
• Professional Experience:
• Minimum of 5 years as Design/Site Engineer with experience in IT/OT security, with Proven experience in ICS Systems and Cybersecurity, with a focus on OT security.
• Knowledge of Shell Design and Engineering Practices (Shell DEPs), Oil & Gas engineering practices, applicable specifications, codes, and international standards.
• Familiarity with the Oil and Gas industry and its specific cybersecurity challenges.
• Demonstrated experience in executing sizable EPC jobs for brownfield Oil and Gas projects.
• Ability to manage multiple priorities in a dynamic environment.
• A minimum of 5 years professional experience in large EPC projects
• A minimum of 3 years professional experience in design, engineering, and site execution.
• Key Skills and knowledge:
• VxRail Clusters and other Virtualization Platforms and Management Client/Consoles.
• Backup Systems, Patch Management, Data diodes, and Workstations.
• Domain Controller, PDC/RADIUS Server.
• Endpoint protection solutions including McAfee Complete Endpoint Protection, Protect PLUS Business Software, McAfee MOVE Antivirus for Virtual Servers, and McAfee Application Control for Servers Protect PLUS Business.
• SIEM (Security Information and Event Management) solutions.
• One-Way Data Diodes for Industrial Control Systems (ICS) with hands-on experience for ICS OWL software.
• IDS Physical Appliance based on Nozomi Guardian / Dragos or similar solution providers.
• Network-based firewalls.