Doha
Full-time, Permanent

Consultant shall carry out the Industrial Control System (ICS) design meeting the cybersecurity requirements as per QNISS as attached along with Shell DEP 32.01.20.12 and in accordance with ISA / IEC 62443.
As part of FEED, Consultant shall develop a compliance document against the security controls required by QNISS.
Deviations / derogations / scope exclusions, if any, shall be recorded in the table, citing the reasons, and any alternative or compensating controls to be put in place.
If no alternative or compensating controls exist, the un-mitigated residual risk shall be established and addressed to client for approval.
Consultant, as part of FEED, shall develop a preliminary physical network architecture (multi-tier architecture) diagram depicting the ISA-95 levels, security zones, boundary protection devices, ICS hardware, routers, switches, computer assets, and other major ICS components.
Consultant shall also develop a preliminary logical network architecture (multi-tier architecture) diagram depicting the ISA-95 levels, security zones, boundary protection devices, routers, IP subnets, main computer infrastructure assets and other major ICS components.
Consultant shall complete the logical network architecture with a comprehensive matrix of data flows detailing, for each entry: source and destination IP addresses and ports, protocols, and a flow description.
Subsequent to the assessment session, Consultant shall issue a cybersecurity risk assessment report, later followed by a closeout report, for CLIENT approval, in which all identified risks are adequately addressed and mitigated by security controls so that the residual risks are within CLIENT risk appetite.
Consultant shall ensure that, where applicable, the planned security controls are developed in tandem with existing facility-specific controls.
Consultant shall develop a FEED stage ICS Cybersecurity Specification which addresses the planned (proposed) security controls and includes quantities and references to market-leading solutions for identity & access management (physical & logical), business continuity, system & network hardening, network and security monitoring, vulnerability and patch management, malware protection, etc.

Job Types: Full-time, Permanent
Experience: total work: 10 years (Required)
Education: Bachelor's (Required)
Work Remotely: Temporarily due to COVID-19