About The Role

DUTIES & RESPONSIBILITIES

AREAS
1. LEADERSHIP
2. GOVERNANCE
3. Risk Assessment & Other Assessments
4. SUPPLY CHAIN RISK MANAGEMENT
5. MISCELLANEOUS

ACTIVITIES
- Perform other duties as assigned to ensure the smooth functioning of the department.
- Operate with a high degree of independence with regard to project management activities for OT Security, including development of project plans and resource estimates.
- Understand, assist with and co-ordinate legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations for OT.
- Develop and share weekly, monthly and yearly reports with Head - Information Security, showcasing the status and posture of the Information Security Program at OT in Nayara Energy.
- Develop and maintain the Information Security Online Dashboard for Information Security.
- Recommend and implement an Information Security Metrics Program for continuous monitoring and assessment of the effectiveness of Information Security controls at OT.
- Co-ordinate with relevant OT functions to collect the data required for the Information Security Metrics Program.
- Assist Head Information Security to design, implement, and maintain Nayara's cybersecurity plan and Information Security Program at the Refinery.
- Assist Head Information Security with other governance activities.
- Identify and document asset vulnerabilities and threats (internal and external).
- Receive cyber threat intelligence from information sharing forums and sources.
- Identify potential business impacts and likelihoods.
- Use threats, vulnerabilities, likelihoods, and impacts to determine risk.
- Identify and prioritize risk responses.
- Suggest risk mitigations and OT controls, and ensure information security best practices are designed, implemented and monitored.
- Co-ordinate Risk Assessment of Business Functions' OT systems.
- Benchmark and compare security practices with the industry.
- Demonstrate knowledge, implementation, operation and maintenance of information security standards and frameworks like NIST Cyber Security Framework, ISO/IEC 27001, COBIT, ITIL, ISA/IEC 62443 etc., as applicable.
- Perform various cybersecurity assessments covering the OT network and IT-OT intersection points as suggested by Head Information Security.
- Develop methodology for OT Security Testing in discussion with Head Information Security.
- Lead, design, and implement improvements in OT cybersecurity threat monitoring, attack response methods, and incident response plans.
- Assist with and recommend the development and implementation of an Information/Cyber Security Supply Chain Risk Management framework.
- Assist Head Information Security to ensure organizational stakeholders identify, establish, assess, manage, and agree to cyber supply chain risk management processes.
- Perform analysis of the architecture and infrastructure of Industrial Control Systems (SCADA / DCS / DMS / IIoT) in terms of cyber security.
- Develop security-focused IT-OT integrated architecture as per leading OT / ICS cyber security standards.
- Design and implement cybersecurity solutions for Industrial Control Systems.
- Support ICS security projects within a Security Transformation program.

Qualifications

SKILLS & KNOWLEDGE
- A degree in Industrial Engineering / Instrumentation engineering, or BE with certifications in the cybersecurity domain, preferred.
- Relevant professional qualifications such as CISSP, ISA99 certifications, ISO 27001, CCSA, CCSE, CRISC, CCSP, GICSP, IEC 62443, CISA / CISSP / CSP / ISO 27001 Lead Auditor certification(s).
- Master's degree in business administration or a qualification with a focus on Risk Management / Information Security (e.g., COBIT Assessor, ITIL Intermediate, CRISC, MBCP, etc.).
- 12-14 years of experience working in Refinery Automation / the Cyber security domain, with a minimum of 3 years in the Industrial automation and controls space.