IT Cyber Security Team Lead
  • United Arab Emirates Dubai
  • WTS Energy
1 year before
31.12.2023
Oversee and Govern
Cybersecurity Management
Job Description

IT Cyber Security Team Lead Job Description

WTS Energy is seeking to hire an IT Cyber Security Team Lead for one of its clients, a reputed Oil and Gas operator.

Location: Dubai

Job Purpose

Dual reporting to the Information Technology (IT) Manager and Chief Information Security Officer (CISO), the successful candidate will assume a dual role. As a main responsibility, the IT Cyber Security Team Lead will lead and participate alongside the Cyber Security Engineers in the execution and delivery of all projects and assignments with a day-to-day focus on operations. In addition, they will be responsible for all aspects of business development and operations, to successfully expand the Cyber Security assignments portfolio, and ensure overall operational excellence.

Responsible for the confidentiality, integrity, and availability of the Company’s information by identifying all Information Security risks, creating and maintaining enforceable policies and supporting processes, and overseeing continued compliance with regulatory requirements such as International Organisation for Standardisation (ISO 27001), the Information Security Regulation (ISR), and all Cyber Security related compliance frameworks such as the National Institute of Standards and Technology (NIST) framework.

Responsibilities:

1. Help define and ensure the effectiveness of the Information Security Management System.

2. Coordinate the Cyber Security Engineer(s) in their projects and assignment work execution in accordance with the delivery schedule, contractual requirements, and critical path adhering to all policies and procedures.

3. Participate in Information Security related internal and external audits.

4. Define protocols and mature 'playbooks' for operational response to cyber threats and events.

5. Identify and communicate current and emerging security threats, and design security architecture elements and controls to mitigate threats as they emerge. Drive the implementation of emerging threat intelligence (IOCs, updated detection rules, etc.).

6. Work closely with the IT team and the business to ensure that Information Security is considered and involved in project planning and that all data is classified according to its confidentiality and criticality.

7. Report analysis and work with the IT team during security incidents. Participate in post-incident reporting and propose enhancements to the systems and IT infrastructure to close the security gaps. Coordinate periodic testing of information security-specific processes, such as incident response plans. Assess and manage security risks related to new projects and existing applications / systems.

8. Track and maintain security risk remediation plans with relevant parties to achieve compliance with security requirements and mitigate identified risks to an acceptable level.

9. Direct the ongoing, proactive risk assessment programme for all new and existing systems and remain familiar with the Company’s goals and business processes so effective controls can be put in place for those areas presenting the greatest Information Security risk.

10. Ensure vulnerabilities are managed by directing periodic vulnerability scans.

11. Develop Information Security Awareness training and education programmes.

12. Peer review and quality control of deliverables produced by the Cyber team, to achieve technical compliance and successful sign-off.

13. Provide Cyber Security expertise for Industrial Control Systems.

14. Manage supplier relationships and interfaces and advise suppliers on recommended actions relating to active projects.

Requirements

Educational Qualifications:

Degree in Engineering / Computer Science / Information Security / Information Management Systems or related field. Certified Information Systems Security Professional (CISSP) preferred.

Information Security and /or Information Technology industry certification (ISO 27001 Lead Implementer or Lead Auditor) preferred.
PRINCE2 or PMP preferred.
CompTIA Network+, Security+, SSCP, CISM, CISA or equivalent certifications held or working towards.


Experience Profile:

5 - 10+ years’ work experience in Information Security implementation, management, monitoring, and audit.
Proven track-record of understanding security controls and working across the organisation to implement and validate controls.
Experience in coordinating small teams of engineers in their delivery of work on projects and assignments.
Experience in working in ICS, SCADA, and other Operational Technologies.
Oil and Gas Industry experience is preferred.


Competencies/Skills/Others:

Knowledge of NIST, IEC 62443 and ISO 27001 cybersecurity frameworks and APTA cybersecurity considerations for oil and gas assets preferred.
The candidate will possess in-depth experience in the IT/Networking field, with the most recent experience having come from any three of the following areas:

  • Penetration testing.
  • Application security.
  • Malware Reverse Engineering.
  • Threat Intelligence.
  • Security Architecture.
  • Industrial Control Systems Security.
  • Telecom and Network security.
  • System or Network administration in a complex multi-national network.
  • Working in a Security Operations Centre (SOC) or in a Computer Emergency Response Team (CERT/CIRT).

Demonstrated ability to identify automation/orchestration opportunities and develop a plan to implement automation.
Ability to communicate effectively with all levels of staff, management, and clients both verbally and in writing.
Strong understanding of latest security principles and protocols.
Strong understanding of security operations technologies including SIEM, endpoint tools and network-based logs.


Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003   Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0008   Knowledge of applicable business processes and operations of customer organizations.
  • K0038   Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0042   Knowledge of incident response and handling methodologies.
  • K0043   Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • K0046   Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • K0048   Knowledge of Risk Management Framework (RMF) requirements.
  • K0053   Knowledge of measures or indicators of system performance and availability.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0087   Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.
  • K0101   Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
  • K0106   Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • K0121   Knowledge of information security program management and project management principles and techniques.
  • K0126   Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161).
  • K0167   Knowledge of system administration, network, and operating system hardening techniques.
  • K0169   Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • K0624   Knowledge of Application Security Risks (e.g., Open Web Application Security Project Top 10 list).

Required Skills
  • S0018   Skill in creating policies that reflect system security objectives.
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
  • S0138   Skill in integrating Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).

Required Abilities
  • A0128  Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • A0161  Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements).