Job Objectives:
The IS/IT infrastructure is responsible for the operation and security of Qatalum IT/OT infrastructure and services. This position is therefore required to secure system boundaries, keeping IT/OT systems and network devices hardened against attacks and protecting sensitive data. The role also covers governance and compliance against applicable Qatari and international standards.
Job Description:
- Engineer, implement and monitor security measures for the protection of IT/OT systems, networks and informationIdentify and define system security requirements
- Design system security architecture and develop detailed security designs
- Identifies, evaluates and implements security systems, appliances, and tools to enhance productivity and improve asset confidentiality, integrity and availability
- Develop technical solutions, implement and maintain security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Keeps updated on IT security technological advancements and advises on suitability and compatibility within the current Qatalum Environment.
- Evaluates and reviews designs, architectures and configurations for all IT/OT systems and networks to ensure adherence to policies, standards, and best practices
- Conducts regular operational audits on security systems and appliances and ensures that critical data and configurations are backed up and archived properly, and reside in a secure location
- Conducts regular compliance/cyber security audits on all applications and systems to ensure that they are compliant with Qatalum Security Policies.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
- Monitors and analyses activity logs and events across all security systems and appliances and generates daily and monthly summary reports
- Collaborate with colleagues on authentication, authorization and encryption solutions
- Access Control System for IP network (VPN).
- Develop, implement and maintain ISIT Security policies & Procedures.
- Ensure that the company knows as much as possible, as quickly as possible about security incidents
- Investigate intrusion incidents, conduct forensic investigations and mount incident responses.
- Ensures that all access and changes to security systems and appliances are reviewed, controlled and governed by corresponding policies, processes and procedures
- Develop a mechanism to ensure all stake holder within the company are educated and trained in their respective areas to induce security as a culture within the organization. This includes, but not limited to, end Users, Application analysts, Systems and Network Engineers.
- Member of the BCP/DR teams to ensure secure implementation of Infrastructure, Systems and Applications.
- Develops disaster recovery processes and methodologies for the IT/OT security infrastructure
- Active member of the 24*7 IT standby/on-call to provide support in order to ensure maximum availability, reliability and security.
The above statements are intended to describe the general nature and level of the work to be performed. This is not an exhaustive list of all duties and responsibilities. Qatalum’s Management reserves the right to amend and change responsibilities to meet business and organizational needs as necessary.
Minimum Qualifications Required
- Bachelor's degree in an IT related discipline
Minimum Experience Required
- 8+ years' experience in a similar role handling large IT/OT infrastructures
Job Specific Skills
- Certifications in Information Security domains (CISSP, CEH, GIAC)
- Experienced with (or equivalent) the following regulations & frameworks: ITIL and ISO27001, ISA99/IEC62443, Qatari NIAF, National ICS standard.
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Experience with systems, security, and network monitoring tools
- Thorough understanding of the latest security principles, techniques, and protocols
- Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocol.
- Prior experience in IT/OT heterogeneous environments.
- Knowledge of: Overall understanding of network security principles, routing protocols, TCP/IP suit. LAN/Wireless network security, design and operations. Knowledge of Microsoft technologies and OS. Knowledge of Application, database and Virtualization technologies.
- Problem solving skills and ability to work under pressure
- Understanding of Regulatory Compliance, Risk Management, Privacy.
- Understanding of current and emerging technologies
- Fluent written and spoken English
