Role: Security Engineer/Senior Security Engineer – Operational Technology (OT)
Department: Cyber Security (Service Delivery & Professional Services)
Jobholder: TBD
Reports to: Service Delivery Manager

Basic Responsibilities:

This position is responsible for ensuring the implementation, management, monitoring, and support of Operational Technology Networks and Security.

Summary of the job:

  • Support clients in assessing, improving, and maintaining the cybersecurity posture of their OT environments to mitigate security risks (e.g., insider and external threats, intentional and accidental).
  • Auditing OT environments and performing risk/vulnerability assessments (e.g., unsecured remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and providing recommendations to remediate the identified issues
  • Developing and implementing client specific cybersecurity roadmaps that prioritize the remediation of cyber threats, based on the likelihood of occurrence and magnitude of cost/consequence of a security incident.
  • Create and implement mitigation plans for clients to remediate vulnerabilities and provide support during the remediation efforts.
  • Assist in reviewing and developing OT Cybersecurity programs, security policies, and plans, and provide guidance to help clients improve their existing OT security programs.
  • Taking inventory of clients’ hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks
  • Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with the applicable cybersecurity framework
  • Reviewing security products utilised (e.g., firewalls, IDS, IPS) and determining if they are configured properly
  • Deploying network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, etc.), and virtualization solutions
  • Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analysing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply
  • Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projects
  • Servicing and support to clients
  • Monthly SLA reporting
  • Remote support where necessary
  • Standby duties

The Jobholder will need to be strong in the following:

  • Protecting OT systems (including ICS) in critical infrastructure and key resource sectors such as mining.
  • Understanding of ICS fundamentals including but not limited to:
      – distributed control system (DCS) and supervisory control & data acquisition (SCADA) architecture and the role of common system components;
      – understanding of ICS design considerations with emphasis on human safety and the availability/security of operating environment;
      – knowledge of IT and OT security best practices and understanding of the differences;
      – understanding of protocols common in ICS environments;
      – preparation, review, and maintenance of documents, policies, and standards governing the security operations for ICS equipment and networks.
  • In depth understanding of operating systems, network/system architecture, and IT architecture design
  • Experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS)
  • Understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET) and ability to perform packet analysis
  • Understanding of threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques
  • Experience working in ICS cyber security or an applicable IT security role, with willingness to learn the uniqueness of ICS cyber-physical systems
  • Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.)
  • Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.)
  • Demonstrated technical skills to analyse, design, and deploy complex Ethernet/IP architectures and communication technologies
  • Understanding of MITRE ATT&CK for ICS or NERC CIP frameworks
  • Understanding of general cybersecurity frameworks (ISO/IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP 800-53)
  • Ability to perform vulnerability / penetration testing in ICS/OT environments, and/or threat hunting
  • Prior experience as a Control System Engineer or SCADA Engineer working in mining, manufacturing, or power generation facilities
  • Industry experience in Mining
  • Cloud Security skills
  • Azure Cloud skills
  • Identity and Access Management
  • Microsoft technology stack skills including Active Directory
  • Microsoft Identity and Access Management Solutions
  • System Administration skills
  • Report Preparation and Presentation
  • IT Technical Skills

The following qualifications and certifications will be preferred:

  • Minimum Grade 12 with I.T. related degree or related qualification from a tertiary institution preferred
  • 5+ years’ experience in Information Technology/Security (Implementation and support of OT/ICS Security products preferred)
  • Security+ Certification
  • Certified Information Systems Security Professional (CISSP)
  • Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field
  • Certified SCADA Security Architect (CSSA)
  • GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection)
  • ISA/IEC 62443 Cybersecurity Certificates
  • Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)
  • Cybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.)

Closing Date

31 December 2021

Your application must include:

An updated CV, motivational letter and relevant certificates.