ICS Cybersecurity Specialist

Position:
ICS Cybersecurity Specialist
Location:
Mesaieed / Ras Laffan, Qatar

JOB PURPOSE

To establish, develop, and maintain the company’s Industrial Control Systems (ICS) cybersecurity framework. Responsible for managing cybersecurity policies, audits, incident responses, and ensuring operational technology (OT) networks are secure and compliant with relevant standards.

KEY RESPONSIBILITIES

• Develop and implement ICS cybersecurity management systems, policies, procedures, and risk assessment frameworks.
• Plan and facilitate internal/external audits to identify cybersecurity gaps and vulnerabilities in ICS environments.
• Manage patch deployment for Windows devices across network zones, including standalone devices.
• Identify obsolete OS and plan upgrades in consultation with vendors.
• Consolidate standalone devices and manage configuration reviews for workstations, servers, network devices in OT.
• Participate in design and deployment of cyber solutions (SIEM, IPS, ATP) for OT security.
• Monitor cybersecurity tools and respond to alerts and incidents, leading post-event analyses and incident responses.
• Perform detailed technical analysis of ICS and cybersecurity controls, vulnerability assessments, and audits.
• Identify gaps and recommend mitigation strategies; maintain up-to-date knowledge of OS, network, and ICS security technologies.
• Lead collaboration with cybersecurity experts for ICS risk management, mitigation, and monitoring strategies.
• Secure ICS communication protocols (MODBUS, PROFIBUS, etc.).
• Develop simulated ICS environments for testing and training purposes.
• Participate in Management of Change (MOC) and Pre-Startup Safety Reviews (PSSR).
• Ensure compliance with cybersecurity standards and company policies.
• Participate in safety activities and plant audits; exercise Stop Work Authority when necessary.
• Provide training on ICS cybersecurity best practices and social engineering risks.
• Prepare reports and communicate technical information effectively to stakeholders.
• Support Qatarization initiatives.

QUALIFICATIONS & EXPERIENCE

• Education:Bachelor’s degree in Electrical, Electronics, Process Control, Instrumentation, Automation, Mechatronics Engineering, Cybersecurity, Computer Engineering, or related IT discipline.Master’s degree preferred.
• Experience:Minimum 5 years in control systems engineering, DCS/PLC/SIS support, or instrumentation maintenance, preferably in Oil & Gas or chemical industries.At least 3 years of direct ICS/OT cybersecurity experience.Preferred: 7+ years in control systems and 5+ years in ICS cybersecurity.
• Technical Skills & Certifications:Strong expertise in Windows OS, Active Directory, Group Policy, and security tools.Knowledge of ICS cybersecurity standards including ISA/IEC 62443.Experience with cybersecurity controls: firewalls, IDS/IPS, access control, antivirus, patch management, logging, incident handling.Skilled in vulnerability assessments, penetration testing, and technical risk assessments.Experience with network routing, switching, TCP/IP, and physical cabling for ICS.Experience with DCS systems such as Emerson, Honeywell, or Yokogawa preferred.Certifications such as ISA-62443 Level 1/2/3, CISSP, GICSP, CCNA, MCSE are highly desirable.
• Other:Excellent communication, interpersonal skills, and ability to manage multiple projects.Familiarity with local ICS security standards (e.g., ICT Qatar) is a plus.