1. Risk Assessment and Management
• Conduct thorough security risk assessments for control systems and associated networks.
• Identify vulnerabilities within ICS/SCADA systems and recommend appropriate mitigations.
• Develop risk management plans aligned with industry standards (e.g., NIST, IEC 62443, and ISO 27001).
2. Design and Implementation of Security Controls
• Develop, implement, and monitor security controls for ICS and SCADA environments.
• Ensure all control systems adhere to cybersecurity best practices.
• Work closely with engineering teams to design secure architectures for new and existing systems.
3. Incident Response and Threat Management
• Develop and implement incident response strategies for control systems
• Analyze security incidents and coordinate with relevant teams to mitigate and prevent recurrence
• Stay informed on emerging threats to ICS and provide guidance on preventative actions
4. Compliance and Policy Development
• Ensure control systems meet regulatory compliance requirements.
• Develop cybersecurity policies and procedures tailored to control systems.
• Conduct regular audits and ensure ongoing adherence to security standards and regulations.
5. Training and Awareness
• Provide cybersecurity awareness training for operators, engineers, and other relevant personnel.
• Foster a cybersecurity culture within teams working with control systems.
6. Collaboration and Stakeholder Engagement
• Collaborate with cross-functional teams to embed security throughout the lifecycle of control systems.
• Act as a cybersecurity expert, providing guidance and consultation to project teams
Work Experience
Bachelor’s or Master’s degree in Cybersecurity, Information Security, Engineering, or related field10+ years of experience in Industrial Automation with 5+ years of experience in cybersecurity with a focus on industrial control systems (ICS) and SCADA.Extensive knowledge of control systems protocols (e.g., Modbus, OPC, DNP3) and security standards (NIST SP 800-82, IEC 62443).Proven experience in risk management, vulnerability assessment, and security control design.Familiarity with incident response, threat intelligence, and SIEM tools as they pertain to ICS environmentsStrong problem-solving skills, attention to detail, and the ability to work in a high-stakes environmentKnowledge on ABB 800xA system is an added advantage
Preferred Certifications:
• CISSP (Certified Information Systems Security Professional)
• GICSP (Global Industrial Cyber Security Professional)
• CISM (Certified Information Security Manager)
• IEC 62443 certifications or relevant ICS cybersecurity credentials