Senior Specialist, Cybersecurity infra. & Device Management II

1. JOB DETAILS:

Position Title: Senior Specialist, Security Device Management

Broad Band: M10: Professional

Department & Function: Ma’aden Cyber Security

Talent Pipeline Layer: Manage Self: Expert/Consultant (MS)

2. OVERALL JOB PURPOSE:

Senior Specialist is responsible of implementing, managing and maintaining Cybersecurity related infrastructure and devices. The responsibilities would include performing regular health checks and upgrades, performing the required patching and maintenance activities, managing the assets register and inventory of security devices, coordinating with technology providers to provide required maintenance and support and work with Ma'aden ICT and OT operations to perform related infrastructure activities across Ma'aden in Saudi Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and Mauritius

3. QUALIFICATIONS, EXPERIENCE & SKILLS:

Qualification:

1. Bachelor degree in Computer Science or Computer Engineering with an advanced degree desirable

Experience:

1. 4-6 years of experience in Cybersecurity technologies and networking experience

Skills:

1. Very Good Knowledge in IT Security.
2. Strong TCP/IP networking skills.
3. Technical knowledge in security products (i.e. Firewalls, IPS, EDR, Email Security ...etc.)
4. Customer service background.
5. Communication skills
6. Good knowledge or certification ISO 27001

4. KEY ACCOUNTABILITIES:

Focus Area

Get results through individual expert contributions, influence & efforts

Operational / Functional

1. Cyber Security Operations Management:
- Perform daily monitoring, maintenance and improvements as needed to the security solutions deployed across Ma’aden on the perimeter, infrastructure, network-level, system-level and database-level
- Build, configure, and deploy security devices and services.
- Troubleshoot security devices.
- Cooperate with device vendor organizations during repair of devices.
- Maintain cyber threat situational awareness of internal and external threats and vulnerabilities through enhanced monitoring capabilities and oversight of systems and processes used to assess security
- Monitor users, applications, networks, systems, and access to physical assets
- Perform periodic review of audits logs (includes review and retention) of applications, networks, systems, and access to physical assets
- Perform periodic user access review across Ma’aden’s registered users
- Conduct physical and logical security control assessments (vulnerability assessment), security monitoring, detection, and security status reporting to enable informed decisions
- Scans, analyzes, and apply countermeasures of vulnerabilities
- Detects, analyzes, and eliminates viruses and malicious code
- Work independently on low to medium complexity device implementation projects.
- Work under pressure on multiple projects (i.e. multi-task) with tight schedules.
- Interface with a variety of clients Ma’aden corporate and Affiliates in a polite, positive, and professional manner.
- Perform basic project management functions on all projects.
- Apply a broad base of hardware, software, and networking technical knowledge.

2. Cyber Security Compliance:
- Execute Cyber Security policies and procedures in the manufacturing environment
- Provide input on the Cyber Security standards in terms of manufacturing and operational technologies in cooperation with Enterprise Cyber Security team and Process controls owners in Ma’aden affiliates.
- Comply with auditing activities to ensure security policies, requirements and best practices are effectively applied

1. Consistently deliver solutions which contribute to business results and improved competitiveness (consulting advice, business options)
2. Deliver quality solutions/ service cost effectively on time and within risk parameters
3. Provide advice that are generally accepted and implemented on programmes and systems, creating a competitive advantage for organization, leading to quality results
4. Continuously develop extensive knowledge relating to the field of work and personal mastery in technical skills application
5. Deliver Cost effective results
6. Risk results
7. HSE targets
8. Conduct Research & Development that leads to new solutions being implemented in the organization

Leadership

1. Performance Management
Execute and monitor the Cyber landscape and infrastructure performance according to the identified KPI's and measures.

Relationships

1. ICT-SS
Work with ICT functions to execute required projects to implement security solutions and technologies, provide technical support related to any security products issues andconduct regular health check review on the integration points between Cybersecurity and IT infrastrcutures.

2. Cyber Security
Collaborate with the other cybersecurity functions to ensure proper adherence and update to the latest security controls and design to be reflected in the security infrastructure.

3. Internal / External Audit
Suppor the audit activities by providing required information and systems logs to confirm the level of compliance to the Cybersecurity controls.

4. Ma’aden affiliates
Support Ma'aden affiliates by providing 24/7 technical support and capability and making sure all security systems and devices are up an running.

5. Security Service providers
Select and work with the potential security vendors that can provide required operational services. Support and maintain strong relationship with the vendors to ensure sustainable and efficient support level.

6. Business Continuity and Crisis Management
Primary liaison between key stakeholders of MA’ADEN’s BC plan e.g. Senior Management, Directors and Managers, Staff, Consultants, vendors and auditors in the seven countries

5. COMPETENCIES:

Technical/Functional

1. Cyber Security Risk Management
2. IT Service Management
3. ISO 27001 - Security Governance / Audit
4. ISO 27002 - Information Security Controls
5. ISO 27005 - Risk Management
6. Enterprise Architecture
7. IT/Solution Architecture
8. Security Architecture Controls Implementation
9. Cloud Security
10. Product / Vendor Security Certifications
11. Strong TCP/IP networking skills and deep technical knowledge in more best-of-breed security products.
12. Customer service skills.
13. Analytical thinking and problem-solving skills.
14 Self-managed and team oriented.
15 Deadline and detail oriented.

Leadership

1. Leadership
2. Teamwork
3. Integrity
4. Care
5. Ownership
6. Accountability
7. Communication
8. Time Management, Planning and Organization

Safety

• Safety advocate - anywhere and everywhere
• Sound knowledge and application of HSE rules and procedures
• Concern for own wellbeing and that of others
• Ability to pro-actively identifying safety hazards and act accordingly