This role required candidate to permanently relocate at Dhahran, Saudi Arabia.
About the Company
This company engages in the exploration, production, transportation, and sale of crude oil and natural gas. It operates through the following segments: Upstream, Downstream, and Corporate. The Upstream segment includes crude oil, natural gas and natural gas liquids exploration, field development, and production. The Downstream segment focuses on refining, logistics, power generation, and the marketing of crude oil, petroleum and petrochemical products, and related services to international and domestic customers. The Corporate segment offers supporting services including human resources, finance, and information technology. The company was founded on May 29, 1933 and is headquartered in Dhahran, Saudi Arabia.
Job Summary
We are seeking a Cyber Security Specialist to join our Global Manufacturing Excellence Organization under the technical support team. The technical support is a multi-disciplinary team provides the required high-quality technical support to GM operating facilities (Refineries, NGLF, and petrochemical plants) insides the Kingdom of Saudi Arabia & across the globe. As a Cybersecurity Specialist acritical role is safeguarding digital assets. Implement and manage robust cybersecurity measures, monitor security incidents, and conduct vulnerability assessments. Provide training to enhance security awareness across the admin area.
Your primary role will be to support the Global Manufacturing Digital Transformation programs and related deployments which aim at maximizing the digital value realization, utilization and benefits by deploying innovative and efficient digital transformation solutions and technologies across Global Manufacturing facilities. You will provide technical leadership to effectively implement the Governance, Risk, and Compliance (GRC) requirements across all IT/OT areas.
Additionally, you'll provide technical leadership in the overall Cyber Defense by ensuring Security Design & Architecture, Security Operations, Incident Response, Forensics, Penetration Testing, Network, Systems and Application Security, Risk Management, Red Teaming, Emerging Threat Analysis and Intelligence, Security Automation, Data Analytics & Machine Learning.
Responsibilities:
- Monitor security incidents and conduct investigations.
- Implement cybersecurity policies and procedures.
- Conduct vulnerability assessments and risk analysis.
- Provide training on security awareness.
- Ensure protection of critical information and infrastructure.
- Provide expertise in Application Security, Cloud Security, Database Security, and Network Security.
- Work with cybersecurity frameworks and standards such as NIST Cybersecurity Framework (NIST CSF), ISO 800-53/171 to assess the maturity of an organization's cybersecurity capabilities.
- Provide project consulting, evaluating proposed solutions including vendor products & services for information security architecture, risks, and recommending alternative solutions or compensating controls.
- Perform security architecture/application design reviews of projects, products, and solutions to ensure alignment with security policies and best practices to meet corporate security requirements.
- Identify gaps in the current projects' security design, cybersecurity reference architecture, architecture design patterns, and recommend security enhancements.
- Define new security architecture patterns for advanced technologies such as IoT, AI, Metaverse, etc.
Requirements:
- This role required candidate to permanently relocate at Dhahran, Saudi Arabia.
- Hold a Bachelor's Degree in Computer Science, Cybersecurity, or equivalent from a recognized and approved program.
- Possess expert-level certifications such as CISSP (Certified Information Systems Security Professional), CCIE (Cisco Certified Internetwork Expert), and CISM (Certified Information Security Manager).
- Have a minimum of 12 years' experience in the interrelated field of Information Technology, including extensive knowledge in Cybersecurity.
- Certified in CISSP, CISM, and CCIE.
- Experience in cloud security, workloads, cabernet, web3, blockchain, network security, application security, and APIs integration is required.
- Experience in managing the security of cybersecurity cloud platforms and hybrid cloud environments.
- Demonstrated experience in developing zero trust security roadmaps, capabilities, architectures, and standards.
- Possess a solid understanding of emerging security threats and can design security reference architectures to mitigate these threats.