Ensure SIEM technology is integrated & utilized to protect OT/ICS Cybersecurity Systems across the sites.
Maintain and monitor baseline system security for OT/ICS Cybersecurity Systems and supported infrastructure according to organizational policies and operational standards. Assist and support OT/ICS systems custodians in applying the baseline system security.
Analyse, design, develop and deliver solutions to stop adversaries from attacking OT/ICS cybersecurity resources and their supported infrastructure technology resources.
Perform system administration of the Security Information and Event Management (SIEM) application and systems for the OT/ICS environment, including installation, configuration, maintenance, backup, and restoration as per operational procedures.
Coordinate and conduct event collection, log management, event management, compliance automation, and identity monitoring activities.
Identify cyber threats to OT/ICS Cybersecurity systems and equipment.
Build/recommend specific use cases/correlation rules related to the environment to best detect the attacks and threats that could be posed to the OT/ICS Cybersecurity systems and equipment.
Manage SIEM system deployments, upgrades, ongoing maintenance and operations.
Audit setting recommendations and integration of endpoint devices for logging and monitoring, based on best practices for OT networks.
Content development and fine-tuning of use cases/correlation rules based on the relevant attacks and threat landscape of the OT network and organization.
Active threat hunting across the network to continuously monitor for vulnerabilities and threats that could cause potential damage to the OT infrastructure.
Visit sites to perform the related cybersecurity activities.
Resources - minimum qualifications required:
Bachelor's degree in Information Security, Computer Science, Electronics/Instrumentation Engineering or a similar discipline/related field.
More than 10 years of experience in information security and ISMS/CSMS development and implementation, with at least 5 years of experience in IT/OT Cybersecurity consultancy/operation, preferably in the oil and gas domain.
Strong analytical and problem-solving skills.
Has worked on enterprise-wide projects within organizations with similar project scopes.
Excellent written and verbal communication skills in English.
Ability to work independently and as part of a team.
Experience with security frameworks and standards (e.g., UAE IAS, ISA 62443, NIST, Shell DEP, ITIL, etc.).
Professional security certifications such as GICSP, CISSP, CISM, CISA, ISA 62443 fundamentals or ISO 27001 Lead Implementer/Lead Auditor.