We are seeking a highly skilled and experienced Cyber Security Engineer to manage and enhance our IT,
Operational Technology (OT), and Internet of Things (IoT) security infrastructure. The ideal candidate will
protect our systems from cyber threats, ensuring data integrity, confidentiality, and availability. Additionally,
the candidate will design IT security systems based on diagrams from IT consultants, collaborate with external
security system integrators for IT, OT, and IoT network design, and coordinate with vendors for the physical
implementation of the security network from scratch.
You must liaise and communicate with the IT Project Leader, providing regular updates on the project's
progress.
Responsibilities
- Develop and implement comprehensive cybersecurity (CS) strategies for both Information Technology (IT), Operational Technology (OT) and IoT environments.
- Design and deploy security solutions and technologies to protect IT, OT, and IoT systems.
- Conduct risk assessments and vulnerability analyses to identify and mitigate potential security threats.
- Design and implement a Cybersecurity Incident Response, planning end-to-end incident response
- including developing a detailed response playbook.
- Manage and monitor security tools and technologies, including firewalls, intrusion detection systems, and anti-virus software.
- Implement and manage access control systems and identity management solutions.
- Perform regular security assessments, penetration testing, and security reviews of IT, OT, and IoT
- systems.
- Develop and implement security measures specific to IoT devices and networks.
- Ensure secure deployment and management of IoT devices, including firmware updates and patch
- management.
- Assess and mitigate risks associated with IoT devices and their integration with IT and OT systems.
- Implement endpoint security solutions to safeguard IT and OT devices, including computers, servers, and industrial control systems.
- Develop and enforce endpoint security policies, ensuring compliance and protecting against malware and unauthorized access.
- Conduct regular vulnerability assessments and penetration testing on IT, OT and IoT systems, identifying weaknesses and recommending appropriate security measures.
- Prioritize and remediate vulnerabilities, ensuring systems are up to date with security patches and configurations.
- Stay current with cybersecurity regulations, standards, and best practices relevant to both IT, OT IoT environments.
- Ensure compliance with industry regulations (such as NIST, IEC 62443) and internal security policies.
- Maintain documentation of security policies, procedures, and incidents
- Provide cybersecurity awareness training to Employees, MP Members, and third-party vendors, emphasizing the importance of security practices and policies.
- Foster a culture of cybersecurity awareness within the Company.
Qualifications
- Bachelor’s/master’s degree in engineering or in related field.
- Minimum 5+ years of work-relevant experience in cybersecurity.
- Experienced with SIEM integration and optimizing log backup and restore.
- Expert knowledge in NIST & ISA 62443.
- Experience in security protection implementation (e.g., WAF, IDS/IPS, EDR, endpoint hardening).
- Able to use security tools to do vulnerability assessment (API, Web, Mobile)
- Good knowledge of OWASP Top 10 and SANS
- Passionate about Cyber Security trends and technology
- Having strong analytical skills, creative and critical thinking is a must
- Preferable training/certifications in any of these ISA 62443, CISSP, GIAC, ICS-CERT, or SANS.
- The Global Industrial Cyber Security Professional (GICSP) certification advantageous
