Job Description

Posting Date:

19 Mar 2025

Requisition ID:

2617

Company:

NAWAH

Location:

Barakah

Posting Status:

Active Recruitment
Job Purpose

The OT Senior Cyber Security Assurance and Risk Specialist will be responsible for ensuring ENEC Operations' compliance with the cyber security program and FANR regulations. This role involves performing security assessments, security architecture reviews, risk and vulnerability management, and managing key internal and external stakeholders to maintain a robust cyber security posture.

Key Activities, Responsibility & Accountability

OT Network and System Security assessment

Responsibilities and Accountabilities:

Lead Analyze and assess vulnerabilities in the OT infrastructure (software, hardware and network). Lead the Investigate vulnerability remediation, alternative controls and/or best practices to remedy detected OT cyber security vulnerabilities. Conduct cyber security risk assessments and impact analysis for any changes or modifications made to critical digital assets within the Nuclear Power Plant.Security monitoring and forensics

Responsibilities and Accountabilities:

Perform security monitoring, security and data/logs analysis and compromise assessments of OT systems to detect security incidents and root causes of incidents. Lead the Investigate and utilize new technologies and processes to enhance OT security capabilities and implement improvements. Perform security audits and assessments to verify the effectiveness of security controls.Security Architecture design

Responsibilities and Accountabilities:

Perform design reviews for OT systems and provide security requirements. Lead the identification of gaps and provide recommendations of how to close those gaps. Assist in the evaluation of all modifications to CDA before implementation ensuring that new/modified CDAs are reviewed and CDA assessment performed accordingly.Responsibilities and Accountabilities: Supports the personnel department and all correlating functions such as Information security in reporting and recommending enhanced security solutions. Ensure all Action Requests (ARs) are monitored, reviewed, actioned, and closed within agreed time parameters. Assists the Head of Information Security Assurance in the preparation of the annual section budget. Offer training and share knowledge with staff on OT cyber security best practices. Perform periodic awareness campaigns to promote safe and secure OT security behaviors on plant including procedures for using and handling Portable Mobile and Media Devices (PMMD) in the plant. Support FANR inspections with applicable data and information as required and follow up any remedial actions. Promote a culture of Cyber Security within ENEC Operations.Risk Assessment & Management

Responsibilities and Accountabilities:

Lead and conduct comprehensive risk assessments of the organization's information systems and infrastructure. Identify, assess, and prioritize risks to ensure effective mitigation strategies are developed and implemented. Conduct regular risk assessments and vulnerability assessments. Identify and mitigate potential security threats to the organization's information systems. Maintain and update the organization's risk register and tracks the risk entered. Perform threat modelling to anticipate potential security threats and vulnerabilities.


Responsibilities & Accountabilities (contd.)
Professional Certifications
Qualifications

Bachelor's degree in computer science, or Information Technology or Cyber Security, or equivalent

Experience

5 years of relevant experience
Pref -
Bachelor's degree in computer science, Information Technology, Cyber Security, or equivalent with 10 years' experience, or MSc in Information Security or equivalent with 8 years' experience.
Certified Information Systems Security Professional (CISSP), Global Industrial Cyber Security Professional (GICSP), Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), ISA/IEC 62443 Cybersecurity Expert