[2024/110] - Cyber Security Consultant

To provide cyber security consultancy services (Risk Management, Security Architecture, Governance Support, etc.) for securing the OT infrastructure built using specialised Air Navigation systems. This includes developing, implementing, and monitoring security controls, best practices, and fostering a holistic cyber security culture against emerging threats, while ensuring compliance with customer and regulatory requirements.Duties, Responsibilities, and Accountabilities Design, implement, and assess security controls and best practices for secure OT systems of Air Navigation Services in line with industry standards and regulatory requirements such as IEC 62443 and NESA.Conduct regular risk assessments on specialised OT systems and provide mitigation plans.Collaborate with internal and external teams to integrate security controls into existing and new OT infrastructure systems.Perform periodic technical security reviews on OT systems for compliance against security policies and regulations, and report findings.Prepare and update comprehensive threat models for each OT system and infrastructure.Coordinate with external stakeholders for technical assessments and implement actionable security recommendations.Manage vulnerability programs, including patch management and control implementation.Maintain and share security reports, documents, and review security awareness materials.Act as a technical point of contact during security incident analysis and coordinate response efforts.Support incident response simulations and document lessons learned for improvements.Assess risks related to suppliers, vendors, and third-party service providers, and communicate findings and mitigation strategies.Keep security documentation updated per policies and regulations.Qualifications Bachelor’s in Computer Science, IT, Cyber Security, or related field; Master’s preferred.Professional Certifications Relevant certifications such as CISSP, GICSP, ISA/IEC 62443, OSCP, GPEN.ISO 27001 certification is advantageous.Additional aviation security or technical certifications preferred.Experience with Linux OS, penetration testing, and security incident management is advantageous.Experience Minimum 10 years in Cybersecurity, with at least 8 years in technical roles and 5 years in OT environments.Experience implementing ISA/IEC 62443 controls or certification in it, along with CISSP or GICSP.Experience in Aviation OT Security and within the UAE is preferred.Knowledge of ISO 27001, NESA, and GCAA regulations is beneficial.Technical Skills Proficiency in English; Arabic knowledge is a plus.Ability to design and deliver technical security training. #J-18808-Ljbffr