IT Security Analyst for Saudi Arabia

• Knowledge on ICS security reference architecture- Enterprise Reference Architecture model,
• Working Knowledge of process control systems
• Knowledge of industrial protocols (e.g., modbus, modbus TCP, DNP3, Ethernet/IP, OPC, HART)
• Knowledge of access control models, Active directory services and knowledge of user access management (Domain Controller 2003,2008 R2).
• Knowledge of change management, baselines, equipment connections, and configuration auditing.
• Knowledge of distribution and installation of patches, knowledge of software reloads and firmware management
• Security testing tools (e.g., packet sniffer, port scanner, vulnerability scanner).
• Knowledge of attacks and incidents (e.g., man in the middle, spoofing, social engineering, denial of service, denial of view, data manipulating, session hijacking, foreign software, unauthorized access).
• Knowledge of availability (e.g., health and safety, environmental, productivity).

• Knowledge of cryptography & VPN (e.g., encryption, digital signatures, certificate management, PKI, public versus private key, hashing, key management, resource constraints).
• Knowledge of security tenets (e.g., CIA, non-repudiation, least privilege, separation of duties).
• Knowledge of threats (e.g., nation states, general criminals, inside and outside malicious attackers, hacktivists, inside non-malicious).
• Knowledge of system backup & restoration-Symantec Backup recovery Tool & Veritas.
• Knowledge of communication medium and external network communications.
• Knowledge of field device architecture (e.g., relays, PLC, switch, process unit)
• Knowledge of network protocols (e.g., DNS, DHCP, NTP, SNMPV3, Telnet, SSH, Syslog, SMTP TCP/IP).
• Network segmentation (e.g., partitioning, segregation, zones and conduits, reference architectures, network devices and services, data diodes, DMZs).

• wireless security (e.g., WIFI, wireless sensors, wireless gateways, controllers)
• Knowledge of embedded device (e.g., PLCs, controllers, RTU, analyzers, meters, aggregators, security issues, default configurations).
• Knowledge of network & system security/hardening
• Knowledge of OS security (Unix/Linux, windows, least privilege security, virtualization)-Windows 2K,2003,2008,2012, WINXP, WIN7, WIN10).
• Knowledge of anti-malware implementation, updating, monitoring, and sanitization. Knowledge of end protection including user workstations.
• Knowledge of device testing (e.g., communication robustness, fuzzing) (e.g., risk, criticality, vulnerability, attack surface analysis, supply chain), Knowledge of security assessment.
• Knowledge of risk management (e.g. Risk acceptance, risk/mitigation plan).
• Knowledge of security policies and procedures development (e.g., exceptions, exemptions, requirements, standards).

• Knowledge of event, network, and security logging, including knowledge of archiving logs.
• Knowledge of event, network, and security monitoring.
• Knowledge of incident recognition and triage (e.g., log analysis/event correlation, anomalous behavior, intrusion detection, egress monitoring, IPS), knowledge of incident remediation/recovery, and knowledge of incident response (e.g., recording/reporting, forensic log analysis, containment, incident response team, root cause analysis, eradication/quarantine).
• Knowledge of physical security.
• Knowledge of Disaster Recovery procedures
• Bluecoat ICSP (Industrial control System Protection) scanner -Removable media scanning tool.
• Waterfall Data-Diode.

3+ years experience

Bachelor or Master degree in Engineering

Ashu Parihar
ashuparihar@peoplebridge.in