Location – Doha, Qatar
Our client is seeking a passionate Cyber IOT and OT (Operational Technologies) to join a world leading practice focused on protecting mission critical systems and national critical infrastructures. This role is a critical part of an operational service to protect some of the world’s leading organizations from Cyber threats that span more than just IT. The successful candidate will work closely with the regional cyber leadership. The candidate is expected to possess strong knowledge and skills on OT/IOT security
The role
As a Senior Consultant in Cyber security, you will support in delivery and preparing solutions for moderately complex projects – or for elements of highly complex projects – also you will be supporting client presentations and in designing proposals and be engaged in on-site and off-site delivery.
Drawing on your skills and experience, you will contribute to creating innovative insights for clients, adapt methods and practices to fit operational team and cultural needs, and contribute to thought leadership. In addition, you will support the packaging of overall project findings into clear, concise, high-quality work products.
While reporting to the AIM “Africa, India and Middle East” Cyber Security leadership, you will be contributing as a subject matter resource for OT/IOT Cyber Security topics applicable to the firm’s Cyber Security Strategy.
As a respected senior professional, you will communicate effectively with the firm’s engagement managers, directors, and partners.
Key responsibilities
- Participate in OT/IOT cyber-Security transformational and long-term strategic engagements
- Be able to advocate innovative cyber security offerings
- Understand all of the firm’s service offerings and actively identify opportunities to better serve clients
- Build strong internal relationships within the team and with other services across the organization.
Skills and attributes
You will have at minimum 3 years of experience in Information security and OT/IoT cyber security preferably within the Energy, Utilities and Transportation Sectors and capable of demonstrating knowledge in the below areas:
- Solid understanding of the OT and IoT cyber security concepts
- Working knowledge of security frameworks and enterprise architecture for OT and IoT
- Experience with the full lifecycle of OT/ IoT including, design, device provisioning, commissioning, and remote device management
- Strong analytical and problem-solving skills
- Knowledge of OT/IoT products and technologies, including, but not limited to Honeywell, Microsoft, GE, Siemens and ABB product families and platforms
- Solid understanding of applicable best practices and security standards such as NERC-CIP, ISA99 (IEC 62443), NIST 800-82…etc
- Internationally recognized technical certifications in relevant areas
- Certified as GICSP “Global Industrial Control Systems Professional” is highly recommended.
Technical skills for OT
- Capable of Evaluating the cyber risks to systems such as SCADA, DCS, Smart Grids, DMS, and ECS systems architectures
- knowledge of Industrial networking protocols security such as DNP3, Modbus, Profinet, ZigBee, IEC 104..etc.
- Good understanding of unidirectional firewalls, host-based firewalls, Anti-Malware, HIDS in plant and operational environments
- Good understanding of OT cyber tools such as Nozomi, Industrial defender, Dragos, Cisco cyber vision, Forscout…etc
- Knowledge of OT/IoT Capable SIEMs, security events logging and monitoring technologies and platforms such as Microsoft Sentinel, Honeywell Forge, Industrial defender, Splunk, Arcsight, QRadar, Log Rhythm or others
Technical skills for IoT
- Familiarity with various IoT technical concepts such as JSON, OAUTH, ZIGBEE, and MUD
- For IoT knowledge of protocols such as Extensible Messaging and Presence Protocol (XMPP), Data-Distribution Service (DDS), Advanced Message Queuing Protocol (AMQP)
- And Lightweight M2M (LwM2M)
- Knowledge of Microsoft IOT Defender
Additional requirements
- Bachelor’s degree in Electronics Technology, Computer Engineering, Electrical engineering, mechatronics or similar specialization in the electronics, embedded systems, PLC, wireless (radio), networking, and/or ICS technology field
- Demonstrated track record with a blue-chip consulting organization and/or a blue-chip organization is appreciated
- Relevant professional qualifications such as GICSP, Microsoft Azure AZ-220, CISSP, ISA99 certifications, ISO 27001, CCSA, CCSE, CRISC, CCSP, EC-Council Ethical Hacker.
AVTRME0008