This Operational Technology security expert role is critical, project focused role. It is a dedicated role to ensure the resilience of Industrial Control Systems (ICS), SCADA and other OT environments across all major projects, including plant upgrades, system modernization, and new installations.

Key Responsibilities

The OT Cyber Security Specialist's primary focus will be on integrating security throughout the lifecycle of the major projects, from the initial design requirements through to operational handover:

• Project Specific Security Management

• • Ensuring compliance with organizational policies, Qatar National ICSSS, and ISA/IEC 62443 requirements.
  • Ensuring "secure by design" principle is applied to all major OT projects.
  • Conducting threat modelling and comprehensive OT specific Risk Management for all new systems.
  • Oversighting of the secure configuration, deployment and commissioning of all OT systems.
  • Creating configuration baseline for all new systems.
  • Following up related works to ensure security requirements are met by third party contractors.
  • Defining and participating on security focused Factory acceptance tests, and Site Acceptance Tests to validate security posture before deployment.

• OT Security Architecture and Standards

• • Designing secure network architectures based on the Purdue Model.
  • Overseeing Vulnerability assessment on new systems.

• Operational Support and Incident Response

• • Participating in the development and testing of the OT specific incident response plans.
  • Ensuring smooth handover by conducting training and awareness sessions for both OT and IT staff on the security posture and maintenance of the new systems.

Qualifications and experience

• Must have a bachelor's degree in Cyber Security, Information Technology, or Engineering related field.
• Minimum 5-7 years of experience in Cyber Security, with at least 3 years focused on operational technology.
• Excellent communication, documentation, and stakeholder management skills.
• Proven experience managing the security lifecycle within large scale industrial projects.
• Deep understanding of industrial protocol, DCS/PLC systems and Purdue model.
• Understanding of OT IDS and asset monitoring technologies.
• Strong knowledge of OT security standards and frameworks.

Preferred Certifications

• Global Industrial Cyber Security Professional (GICSP)
• ISA/IEC 62443 Certification(s