𝗤𝗨𝗔𝗟𝗜𝗙𝗜𝗖𝗔𝗧𝗜𝗢𝗡𝗦 & 𝗘𝗫𝗣𝗘𝗥𝗜𝗘𝗡𝗖𝗘 𝗥𝗘𝗤𝗨𝗜𝗥𝗘𝗗
🔸Graduate and/or master’s degree qualifications in either Computer Science, Information Technology, or a related discipline.
🔸10+ years’ experience in a similar role, in large enterprise environments (>1000 users), with multiple geographic locations.
🔸Oil and Gas experience (or manufacturing industries) is preferred.
🔸Professional certifications in Information Security and/or Information technology – CISSP and/or CISM at minimum is required.
🔸Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
🔸Knowledge of and experience in managing, developing and documenting security programs and plans, including strategic, tactical, and operational plans.
🔸Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
🔸Strong communication skills, including written, oral and presentation skills.
🔸Knowledge and experience in Enterprise IT/OT security technologies, services, and processes:
- Information Security models and frameworks (NIST, ISO 27001) and best practices
- Risk Assessment: Operating Systems (Windows, Linux), Network technologies and protocols, Information protection
- Security technologies, tools & controls, including Antivirus, Antimalware, proxies, web filtering and firewalls, XDR, SIEM, IDS/IPS...
- Incident Response processes and tools
- Patch and Vulnerability management processes and tools
- Risk Assessment, Change Management Processes
- Information Classification, Information Protection
- Disaster Recovery, Business Continuity
🔸Professional certification in Industrial Cybersecurity e.g., GICSP or similar) is desirable.
🔸Knowledge of Industrial Cybersecurity standards is desirable.
🔸Exposure to program and project management is desirable.
🔸Vendor management skills and ability to define and negotiate effective SLAs and service KPIs with vendors.
🔸Extensive technological domain knowledge to understand integration of digital products with IT systems & architecture.
🔸Good knowledge of the business to understand business requirements and implications on organization operations.