Specialist- OT Cybersecurity Architect III

Job Description

1. JOB DETAILS:Position Title: Specialist: Cyber Security ArchitectBroad Band: M09 - ProfessionalDepartment & Function: Ma?aden Cyber SecurityTalent Pipeline Layer: Manage Self: Expert/Consultant (MS)2. OVERALL JOB PURPOSE:The Cyber Security Architect works across the entire Cyber Security division. This position is responsible for defining and managing enterprise Cyber security architecture overall Ma?aden Corporate and Affiliates in Saudi Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and Mauritius. The incumbent will also be responsible to ensure appropriate technical standards and security controls are defined for the group IT infrastructure and applications as well as cross group assets. Also performs evaluation and selection of new security solutions. Build the enterprise security architicture and participate in the design reviews of Maaden mega projects and expansion plans.3. QUALIFICATIONS, EXPERIENCE & SKILLS:Qualification: 1. Bachelor degree in Computer Science or Information Systems with an advanced degree desirableExperience: 1. At least 2-4 Years relevant experienceSkills: 1. Good understanding of Cyber Security standards (ISO27001, 22301, 9001, NIST)2. Information Security Certification ( CISSP / ISO27001 / ISA/IEC 62443)3. Certification in Enterprise Architecture is a plus (e.g. OpenCA Master Architect, TOGAF 9 Certification)4. Good understanding of IT technologies and services.5. Good understanding of business functions and processes.4. KEY ACCOUNTABILITIES:Focus AreaGet results through individual expert contributions, influence & effortsOperational / Functional1. Security Architecture:- Define the Enterprise Security Architecture to effectively support the corporate business strategy and affiliates growth plans in the seven countries- Support the implementation of new security solutions to define and manage Enterprise Security Architecture at Ma?aden.- Identify new security solutions to be implemented at Ma?aden.- Perform technical evaluation of security solutions and shortlisting of vendors.- Provide SME technology guidance, road maps, principles, standards and best practices to deliver and maintain the Cyber Security Architecture strategic roadmap.- Assess controls around protection of information in emerging technologies and market trends in Cyber Security (social media and cloud computing).- Reports key Security Architecture issues for escalation and decision.2. Strategy, Governance & Compliance:- Define and manage the Ma?aden Cyber Security Architecture policies, standards and Standard Operating Procedures (SOPs) to be adopted across the organization.- Technically represent the Ma?aden Cyber Security Architecture when collaborating and discussing on architectural decision with other Ma?aden departments (IT/OT)..- Ensure that Cyber Security policies, standards and Standard Operating Procedures (SOPs) are applied into the different archtictural designs.- Ensure all Cyber Security Architecture policies and practices are established, understood and executed per the defined policies and procedures- Monitor, Control, and Enforce compliance to Ma?aden Cyber Security Architecture policies and standards. Consistently deliver solutions which contribute to business results and improved competitiveness (consulting advice, business options)2. Deliver quality solutions/ service cost effectively on time and within risk parameters3. Provide advice that are generally accepted and implemented on programmes and systems, creating a competitive advantage for organization, leading to quality results4. Continuously develop extensive knowledge relating to the field of work and personal mastery in technical skills application5. Deliver Cost effective results6. Risk results7. HSE targets8. Conduct Research & Development that leads to new solutions being implemented in the organizationLeadership1. Capability building:- Key SME of the Cyber Security Architecture ?Competence Centers? that will serve as best practice authority on methodologies and procedures- Builds awareness of Security Architecture policies and standards through Training & awareness- Subject Matter Expert in Cyber Security Architecture Coaching and Problem solving- Mentor and coach the team both Technical and managerial1. Understand, support and live the Maaden vision, values and goals2. Expert utilization & direction through selling and obtaining support for value adding ideas leading to business improvement3. Takes accountability for personal improvement, personal development, skills development and effectiveness4. Expertise transfer, sharing and development5. Plan and project management6. Establish Policies, practices, standards, procedures and methods; application, review and development7. Deliver expert solutions as a thought leader, to meet changing business & work requirements through Trends, analysis, problem solving and quality decision making8. Process and risk impact, reporting and corrective action9. Extract, capture and disseminate Knowledge within knowledge management standardsRelationships1. ICT-SSWork and support ICT functions to reflect adequate Cybersecurity archticture and controls within IT environments across Maaden, conduct periodical risk assessment on IT infrastructure before and after any IT implementations or major changes and confirm the level of security and compliance against the Cybersecurity controls, support IT projects by reviewing security architecture and ensure proper security controls are considered.2. Ma?aden affiliates Align and build the relationship with the several business functions in Maaden to ensure proper implementation of Cybersecurity controls in the seven countries covering: aligning the Cybersecurity enterprise architicture, ensure Cybersecurity archticture principals embedded part of the Affiliates designs, conduct periodical risk assessment on operational processes and IT infrastructure and confirm the level of compliance against the Cybersecurity controls, support the IT projects by reviewing security architecture and ensure proper security controls are considered. 3. Operational Technology (OT) and Industrial Control Systems (ICS) Stakeholders in Maaden Support and provide the OT and ICS functions across Maaden with required guidelines, policies, procedures, security architecture and controls to improve the IT / OT convergence and integration. conduct periodical risk assessments to confirm the level of maturity and compliance of IT security controls. 4. Security Service providers Select and work with the potential security vendors that can provide required consultancy services. Support and maintain strong relationship with the vendors to ensure sustainable and efficient support level.1. Creating effective stakeholder and expert networking relationships (e.g. customers, suppliers, universities and specialist bodies)2. Demonstrate influential relationships with manager peers and company business leaders3. Contractor/consultant relations & management4. Communication of expertise (best practices, technical reports, position statement) in a collaborative and consultative approach which consistently meet business needs5. Develop and facilitate the implementation of New solutions in area of expertise6. Participate in and maintained expert networks5. COMPETENCIES:Technical/Functional1. Cyber Security Risk Management2. IT Service Management3. ISO 27001 - Security Governance / Audit4. ISO 27002 - Information Security Controls5. ISO 27005 - Risk Management6. Enterprise Architecture7. IT/Solution Architecture8. Security Architecture Controls Implementation9. Cloud Security10. Product / Vendor Security Certifications11. ISA/IEC 62443Leadership1. Leadership2. Teamwork3. Integrity4. Care5. Ownership6. Accountability7. Communication8. Time Management, Planning and OrganizationSafety? Safety advocate - anywhere and everywhere? Advanced awareness and understanding of HSE rules and procedures? Concern for own wellbeing and that of others? Ability to pro-actively identifying safety hazards and act accordingly

Keyskills :