ICS Cybersecurity Specialist

Role Overview

This position is a hands-on industrial cybersecurity role focused on protecting, detecting, responding to, and recovering ICS/OT environments. The scope covers Windows-based systems and network layers 0 to 3.5, aligned with ISA/IEC 62443. The role also requires supporting both connected and standalone ICS assets while strengthening the organisation’s OT cybersecurity posture through relevant standards, tools, and controls.

What You Will Do

• Set up and sustain an ICS cybersecurity management system and operating framework.
• Build and roll out cybersecurity policies, procedures, standards, and risk assessment methods.
• Organise internal and external audits to uncover ICS cybersecurity weaknesses and exposure areas.
• Oversee patching for Windows endpoints across levels 0 to 3.5, including standalone devices.
• Spot outdated operating systems and work with vendors on upgrade paths.
• Reduce reliance on isolated devices, such as laptops used for PLC setup.
• Prepare OT assets for internal audits by completing configuration reviews for workstations, servers, switches, firewalls, and routers.
• Fix identified deficiencies and document exceptions, remediation actions, and deviation plans.
• Verify and record compliance of OT workstations, servers, network devices, and security equipment against company rules and procedures.
• Support the design of OT cybersecurity solutions such as SIEM, IPS, and ATP.
• Track patching, antivirus, SIEM, IPS, ATP, and related platforms, then investigate and respond to alerts.
• Carry out post-incident technical analysis and lead the required response actions.
• Review ICS environments and cybersecurity safeguards in depth.
• Take part in vulnerability assessments and admin audits on client systems and network equipment, keeping OT testing sensitivity in mind.
• Identify control gaps and suggest practical mitigation measures.
• Keep current on the cybersecurity features of operating systems, network gear, control systems, and vendor products.
• Stay informed on emerging computer and network technologies, architectures, and products.
• Solve technical problems while considering operational impact and clearly communicate resolutions to OT teams.
• Protect operational technology networks and related assets.
• Develop technical solutions that satisfy compliance needs and reduce critical risks through appropriate security software and controls.
• Work with other cybersecurity specialists to shape ICS risk, mitigation, and monitoring strategies.
• Secure systems that use ICS communication protocols such as MODBUS and PROFIBUS.
• Create simulated ICS environments in virtual infrastructure.
• Participate in the MOC and PSSR process.
• Provide input into technical controls, procedures, and policies tied to regulatory and cybersecurity compliance.
• Support continuous improvement efforts that raise productivity and operational efficiency.
• Follow all section policies, processes, procedures, and instructions to ensure controlled and consistent execution.
• Observe all applicable safety, quality, security, and environmental requirements, including life-critical procedures, operating tenets, consent to operate, plant instructions, SOPs, JSAs, MOC, and the quality management system.
• Take part in shift safety activities, plant walk-downs, audits, toolbox talks, JSAs, MSCMs, and related safety practices.
• Use Stop Work Authority when needed and apply immediate corrective action for unsafe behaviour.
• Share technical ideas and explain complex topics to stakeholders.
• Train employees on ICS protective measures and social engineering risks.
• Prepare accurate, timely reports and recaps for departmental standards and requirements.
• Escalate issues to the supervisor when further follow-up is needed.
• Report incidents and near misses and support investigations when required.
• For expatriate employees, contribute to the development of Qatari employees.

Qualifications and Experience

A bachelor’s degree is required in one of the following areas: Electrical Engineering, Electronic Engineering, Process Control Engineering, Instrumentation Engineering, Engineering Technology, Physical Engineering, Automation Engineering, Mechatronics Engineering, Cyber and Networking Security, Computer Engineering, or Computer Science with a focus on Information Technology. A master’s degree in the same or related disciplines is preferred.

The role calls for at least 5 years of experience in control systems engineering, DCS/PLC/SIS support, instrumentation maintenance, or a similar operational function in the oil and gas or chemical manufacturing sector, along with at least 3 years in ICS/OT cybersecurity. Preferred experience is 7+ years in controls or instrumentation and 5+ years in ICS/OT cybersecurity.

Technical and Professional Requirements

• Strong hands-on experience with Windows operating systems, Active Directory, Group Policy, security controls, and related technologies.
• Working knowledge of ICS cybersecurity standards, especially ISA/IEC 62443.
• Understanding of defence-in-depth, security domains, authentication and authorisation, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, and security testing.
• Ability to research security solutions, engineer proposals, and prepare papers and presentations.
• Clear understanding of the cyber threat environment for network-connected ICS systems.
• Solid grasp of technical security risk assessment fundamentals.
• Practical experience with vulnerability assessments, penetration testing, and related tools and methods.
• Experience configuring or evaluating security controls such as firewalls, IDS, access controls, authentication, anti-virus/anti-malware, patching, hotfixes, and logging.
• Capability in corporate policy, procedure writing, and technical documentation.
• Working knowledge of network routing, switching, and TCP/IP.
• Experience with physical cabling for network communications and control system I/O.
• Preferred certifications include ISA 62443 Level 1/2/3, CISSP, GICSP, CCNA/Network+, and MCSE, or equivalent verifiable experience.
• Experience with Emerson, Honeywell, or Yokogawa DCS platforms is preferred.
• Experience in oil and gas or chemical manufacturing environments is an advantage.
• Strong interpersonal skills, teamwork, written communication, verbal communication, and the ability to manage several projects at once are important.
• Knowledge of ICT Qatar’s National ICS Security Standards is a plus.

Working Conditions

This is a practical, field-heavy position in a 7x24 chemical manufacturing environment, with substantial on-site work.

Location

Ras Laffan, Al Khor and Al Thakhira, Qatar.