Job Descriptions – Cybersecurity Operation Expert

• Cybersecurity Operations Expert is the person responsible for Day-to-Day configure, manage and operate IT/OT Cyber Security
appliances and systems in different layers (Network, Applications and Endpoints)

Roles and Responsibilities

• Configure, manage and operate network security solutions such as: (Remote access, Anti DDoS, Anti APT, NGFW, IDS/IPS, Network
access control, DNS security, email Gateway, SSL inspection, Proxy )
• Configure, manage and operate application security solutions such as: (Multi factor authentication, Data leakage prevention, Web
application firewalls, Identity and access management, Privilege access management, Digital right management)
• Configure, manage and operate endpoint security solutions such as: (Hard desk encryption, Endpoint protection, Endpoint detection
and response, Database security, Servers security, Applications whitelisting)
• Apply a structured methodology and lead change management activities
• Manage licenses capacity of cybersecurity solutions for the IT/OT security solutions
• Participate in the disaster recovery activities for the IT/OT security solutions
Job Descriptions – Cybersecurity Design & Architect
• Cyber Security Architect is responsible for designing the cyber security architecture within the IT & OT.
• To be involved in implementing the cyber security strategy by evaluating cyber security projects, providing guidance and mentoring
cyber security architects at business unit level.

Roles and Responsibilities

• Develop the enterprise cyber security architecture
• Develop enterprise cyber security architecture guidelines and recommendations
• Align the business requirements with technical cyber security solutions
• Develop strategies for enterprise wide cyber security system integration
• Ensure alignment of cyber security architecture with selected cyber security industry standards
• Support in product/service requirements and selection activities by supporting in RFP / RFI development
• Develop, enhance, and apply comprehensive methodology to align current state of cyber security and future structure and processes
with the cyber security strategy
• Develop a cyber-security framework that describes the current, intermediate, and future security architecture
• Supervise the mega cyber security projects that span across multiple business units
• Collect business requirements in order to fulfill and align network design with BU requirements
• Develop detailed network designs for the business line
• Support in the technical implementation of security solutions and make sure that they align with the network design
• Document all planned and implementing changes on the network
Job Descriptions - Cybersecurity GRC Specialist
• GRC Analyst is responsible for developing and implementing risk and compliance assessment programs for the IT or OT.
• They also provide support for creating risk and compliance reports for the management.
• They also provides support to maintain organizational policies and procedure in compliance with regulatory & international standards.

Roles and Responsibilities

• Perform cyber security compliance checks and assessments utilizing cyber/IT and OT security standards
• Assess the effectiveness of key security controls in the environment for compliance with security standard requirements such as ISO27k
• Engagement with cyber security teams to review audit scope, determine the work plan, and participate in the risk assessment of
initiatives prior to fieldwork
• Input into the design and implementation of the risk assessment methodology
• Develop risk and compliance assessment reports
• Review risk and threat assessments
• Maintain the cyber risk register
• Develop and maintain cyber risk management process
• Provide management advice for risk actions
• Provides periodic risk assessment of compliance related areas
• Design and implement the cyber security compliance program
• Develop, monitor and analyze GRC metrics
• Maintain compliance policy
• Analyze compliance requirements (e.g. legislative and regulatory)
• Review and maintain company policies and procedures
Job Descriptions - Cybersecurity Implementation Expert
• Cyber Security Implementation Expert is responsible for leading and delivering the design and implementation function of the cyber
security within the business unit

Roles and Responsibilities

• Develops and manages projects and initiatives as per the cyber security roadmap
• Manages the evaluation process for bidders
• Guarantees and ensures compliance with security standards
• Manages implementation of reference architectures related to cyber security technologies and services
• Leads the cybersecurity projects with end-to-end delivery
• Manages the cybersecurity project implementation team
• Manages vendors and contractors
• Creates detailed project work plans for each ongoing project
• Manages learning and development of design & implementation team
• Produces cyber security designs for the business line that are both highly secure and aligned with the cyber security strategy
• Proactively identifies cyber security risks, recommends corrective action plans and drives solutions implementation
Job Descriptions – Security Assurance Expert
• Vulnerability and Pentest Expert is responsible for conducting threat and vulnerability assessments, penetration testing, technical
controls review and other technical security assessments as part of the SOC function in IT and OT.

Roles and Responsibilities

• Conduct penetration testing and other security assessments as required
• Utilize SOC tools to continuously monitor
• Help and participate in event monitoring and incident response
• Assess vulnerable systems and recommend remedial actions
• Uses many different operating systems and hacking tools to perform penetration tests
• Fill out assessment reports about their discoveries
• Complete assessments of networks, computer systems and servers
• Continuously research and study security threats and attack vectors
• Perform Penetration Testing, Red teaming, Vulnerability management, Network & Infrastructure security assessments