JOB DESCRIPTION

Magika has opening for ICS Consultants in Hail, Kingdom ,Saudi Arabia Roles Security Analyst (ICS Consultants) Experience - 3- 4 Yrs in OT/ICS (Industrial Control System)/SCADA security operations & implementations. Location Saudi Arabia Strong experience in IT‑ Networks & Security Implementations & operations. Skills In Network security side, hands on exp. on various firewall like Check Point, Cisco ASA, Juniper (Netscreen & SRX), Fortinet. Mail gateway like SBG, Trend Micro IMSVA, Barracuda, Iron Port. Web Gateway like Mcafee Web Gateway, Blue Coat Skill Name Skill Level Firewall - Expert VPN- Expert Routing - Intermediate Network Security side- Intermediate ICS/OT Security Skills Knowledge on ICS security reference architecture- Enterprise Reference Architecture model, Working Knowledge with following process control systems Examples: DCS (Emerson DeltaV,Honeywell, Schneider -Foxoboro I/A series) Machine/Vibration monitoring systems ( BN-System-1,BN Rack-3500), OSI PI system (POIS), Analyzer systems(ADAS), Flow Metering system (citec configurator), Mooring system, Tank data Acquisition system(TDAS), CCC package control systems, Electrical Control systems (ELICS RTUs), Variable frequency drives systems (VFD), ESD systems, PS systems ( Triconix ), HIPPS,Fire & Gas system , Alarm Management systems(PAS), Asset management systems(IAMS), GE Turbine control systems (MARK-VI E), GE-Remote Monitoring Diagnostics system (OSM), Advance process controller(APC). Knowledge of industrial protocols (e.g., modbus, modbus TCP, DNP3, Ethernet/IP, OPC, HART) Knowledge of access control models, Active directory services and knowledge of user access management (Domain Controller 2003,2008 R2). Knowledge of change management, baselines, equipment connections, and configuration auditing. Knowledge of distribution and installation of patches, knowledge of software reloads and firmware management Security testing tools (e.g., packet sniffer, port scanner, vulnerability scanner). Knowledge of attacks and incidents (e.g., man in the middle, spoofing, social engineering, denial of service, denial of view, data manipulating, session hijacking, foreign software, unauthorized access). Knowledge of availability (e.g., health and safety, environmental, productivity). Knowledge of cryptography & VPN (e.g., encryption, digital signatures, certificate management, PKI, public versus private key, hashing, key management, resource constraints). Knowledge of security tenets (e.g., CIA, non-repudiation, least privilege, separation of duties). Knowledge of threats (e.g., nation states, general criminals, inside and outside malicious attackers, hacktivists, inside non-malicious). Knowledge of system backup & restoration-Symantec Backup recovery Tool & Veritas. Knowledge of communication medium and external network communications. Knowledge of field device architecture (e.g., relays, PLC, switch, process unit) Knowledge of network protocols (e.g., DNS, DHCP, NTP, SNMPV3, Telnet, SSH, Syslog, SMTP TCP/IP). Network segmentation (e.g., partitioning, segregation, zones and conduits, reference architectures, network devices and services, data diodes, DMZs). wireless security (e.g., WIFI, wireless sensors, wireless gateways, controllers) Knowledge of embedded device (e.g., PLCs, controllers, RTU, analyzers, meters, aggregators, security issues, default configurations). Knowledge of network & system security/hardening Knowledge of OS security (Unix/Linux, windows, least privilege security, virtualization)-Windows 2K,2003,2008,2012, WINXP, WIN7, WIN10). Knowledge of anti-malware implementation, updating, monitoring, and sanitization. Knowledge of end protection including user workstations. Knowledge of device testing (e.g., communication robustness, fuzzing) (e.g., risk, criticality, vulnerability, attack surface analysis, supply chain), Knowledge of security assessment. Knowledge of risk management (e.g. Risk acceptance, risk/mitigation plan). Knowledge of security policies and procedures development (e.g., exceptions, exemptions, requirements, standards). Knowledge of event, network, and security logging, including knowledge of archiving logs. Knowledge of event, network, and security monitoring. Knowledge of incident recognition and triage (e.g., log analysis/event correlation, anomalous behavior, intrusion detection, egress monitoring, IPS), knowledge of incident remediation/recovery, and knowledge of incident response (e.g., recording/reporting, forensic log analysis, containment, incident response team, root cause analysis, eradication/quarantine). Knowledge of physical security. Knowledge of Disaster Recovery procedures Bluecoat ICSP (Industrial control System Protection) scanner -Removable media scanning tool. Waterfall Data-Diode.