OPERATIONAL TECHNOLOGY (OT) SECURITY ENGINEER

Dover Engineering Limited

Software & Data

The right candidate must have:

• A minimum of BSC. /HND in Engineering or Sciences (Electronics/Electrical, Physical Electronics, Instrumentation, Control or Mechanical Engineering or Computer Science) or any other professional certification required for the job + computer literacy.

• A minimum of five (5) years’ post graduate work experience with IT or control and automation disciplines with at least 1 year in similar function in an LNG plant or in a petrochemical company.
  

Accountability To assist the company’s OT Security Focal in performing daily operational OT security duties; ensuring appropriate and secure management and use of the OT systems and applications in the OT

Operations shall be performed in compliance with OT Security Standard, other applicable OT security standards and legislation. Technical/Business Skills:

• Experienced in management of change processes for production operations.

• Experienced in performing the day-to-day run and maintain activities delegated by the OT Security Site Focal Point e.g. anti-virus software, system patching, back-up and restore, asset inventory management and intrusion detection monitoring.

• Working knowledge level on Field Instrumentation, Process Automation and Safety instrumented systems.

• Ability to carry out technical reviews in line with OT security requirements and standards (IEC 62443, NIST Cybersecurity Framework, etc.)
  

Basic functions & Principal Responsibilities:

1. Provide input to the compliance assessment of the policies governing the company’s Operations Technology and the systems that are connected to it. Policies include: a) Security Patch Management within the company OT Domain. b) Antivirus DAT Updates Management within the company OT Domain. c) Acceptable Use of Portable Media within the company OT Domain. d) OT Domain Access and Security. e) OT Domain Backup and Restore

2. Maintain an inventory of computers, servers and other access devices that are attached to the Network a) Ensure the asset inventory list is up to date in line with the company OT Security Manual - Asset Inventory requirements. b) Provide input to the periodic reviews of the asset inventory information.

3. Maintain an inventory of portable media (including laptops), that are used in the OT Network.

4. Administer portable medias (including laptops) and maintain a record of portable media use. This includes maintaining the secure scanning stations, and access points within the OT.

5. Manage user access after authorization by OT Administrator and Site Focal a) Add, remove, or update user account information after authorization. b) Maintain role-based-access-control (RBAC) in the OT. c) Reset passwords with user signoffs.

6. Monitor external remote user access sessions to the OT, ensuring restriction and terminations are implemented in line with the company-OT Security Manual.

7. Ensure upkeep information in relation to Windows Active directory.

a) Ensure the OT user Access list is up to date in line with OT Domain Access and Security requirements.

b) Provide input to the periodic reviews of the OT User Access Control

8. Manage, assign, and maintain the list of network addresses and ensure all OT equipment and cables are labelled in line with the as-built documentation.

9. Apply operating systems updates, patches and make configuration changes to tighten security, subject to management of change process.

10. Conduct routine verification of the McAfee DAT distribution to the networked OT equipment to fortify the network security system.

11. Liaise with IMT team for the routine retrieval of anti-virus signatures and manually update the non-networked OT equipment.

12. Conduct routine verification of the automated backups of the networked OT equipment and routine restoration testing.

13. Ensure and demonstration backup/restoration strategies compliance with the defined Recovery point Objectives and the Recovery Time Objectives.

14. Ensure the Management of change within the company OT policy is followed in the implementation of OT works including:

a) The application of operating system patches.

b) The application software patches or quick fixes.

c) Firmware changes.

15. Find security gaps by performing routine audits of hardware and software entities on the network and closing those gaps.

16. Administer the event log file collection for the OT equipment including switches, firewalls, servers, and computers. 17. Monitor the traffic that passes through DMZ to validate security measures are in place and operational.

18. Monitor the OT to ensure protections from malicious entities such as hackers, viruses and spyware are in place and operational

19. Monitor the installed Intrusion Prevention Systems to ensure security measures are in place and operational.

20. Ensure that the OT network equipment in the CRAR and engineering room are physically secured.

21. Upgrade, manage and maintain switches, firewalls, and other Network equipment.

22. Coordinate with the various third-party specialist instrument maintenance organizations to evaluate and ensure accuracy to all server operating systems.

23. Manage and implement all network security processes and maintain proper reports for same.

24. Liaise with the different control system vendors for periodic checks, review, and evaluation of the OT security systems for enhancing network access.

25. Provide Inputs to Periodic OT Security Audit and Drills

Interpersonal Skills :

• Working knowledge level on people management

• Ability to work efficiently in a team.

• Excellent cross-team engagement and collaboration skills

• Excellent communication and presentation skills
  

Competencies:

• HSSE awareness and basic understanding of process safety fundamentals

• Previous work experience in a process plant

• Cybersecurity certification in IT or OT systems will be an added advantage.

• Working knowledge level on problem solving and analytical thinking

• Personal effectiveness awareness

• Basic understanding of use of procedures and work instruction
  

<