Job Description and Requirements
Job Title: Cyber Security Specialist
Reports to: Contract Security Manager
Location: Central Region - Riyadh
2.
Role Role
Context:
The SANGCOM Future Support Contract is a 3 year
service delivery programme with the client being the UK Ministry of Defence
in Saudi Arabia and the customer (use community) being the Saudi Arabia
National Guard. There will be a total
of approximately 120 KBR personnel, situated in Riyadh, Dammam and Jeddah,
with a supply chain of 25 organisations and up to 800 personnel in total
across the programme. The contract is
expected to mobilise in October and full service commencement, taking over
from the incumbent, in February 2019.
We will be using Enterprise Service Management
(ESM) and Information Technology Infrastructure Library (ITIL) principles to deliver
the following workstreams:
·
Support to the SANG Network to
deliver IP Telephony to 80,000 users at 350 sites and host applications
such as Network Management System, Cable Management System and Remedy
incident management software.
·
This will include the operation
of Service Desks in Riyadh, Dammam and Jeddah.
·
Support to maintain operational
capability of Fixed and Deployable equipment and capabilities.
·
Technical & English
Language Training in Riyadh and 3 regional locations.
·
Built Estate maintenance &
upkeep.
·
Design and deliver a new
Management Information System to support the PMO.
Role
Description:
The Cyber Security Specialist (CSS) is an IT based
role that leads the secure network operating centre and addresses the system
and Information management security needs.
The role provides the lead security management responsibilities across
systems security in delivering the SANGCOM contract. Responsible for developing, maintaining and
disseminating the protocols, procedures and IT access that is applied to the
MIS, TMIS and all systems used in the Sangcom contract. Also responsible for the security aspects of
monitoring and control of these systems.
The role will require strong analytical skills in
networking and telecoms technologies. This position will be working with IP,
Ethernet and, MPLS networking technologies.
3. Qualifications, Experience and Skills Qualifications:
·
A technology based degree.
·
Active membership of an IT / technology
based institution.
·
Preferred industry qualification such as Cisco CCNA
·
A minimum of 10 years relevant experience
in IT system access and use, including 5 years in delivering system security
related services in a major programme.
·
Currently hold high level security
clearance with the MoD or equivalent.
Experience
and Skills:
Essential:
Understanding of
the Defence Manual of Security – JSP 440, including its general application.
Proven ability
in applying security policy and procedures for a complex programme of
work.
Administration
of security protocols to direct team, suppliers and system users.
Proven
experience in developing the requirements and application of cyber
security.
Proven
experience in managing Cyber Essentials and Cyber Essentials Plus
certification
Good
working knowledge of Cisco ASAs, VPNs, Cisco routing and switching
administration
Understanding
of AAA authentication
Experience of
working at a support level with Cisco CCNA security and SolarWinds
Demonstrable understanding
of cyber security, data security and IT risks and controls;
Understanding of
audit processes, preferably with audit experience;
Strong knowledge
of frameworks, standards and regulatory requirements related to
information security and data protection;
Good technical
knowledge of network security, key IT technologies, commercial security
management and monitoring tools and services;
Demonstrable
knowledge of current and emerging cyber security risks;
Excellent
documentation and reporting skills.
Understanding of
ISO 27001 or other relevant information security standards.
Desirable:
Knowledge of the
Facilities Management, IT or Delivery Partner industries.
Defence Industry
experience
ITIL Foundation
certification
4. Core Responsibilities and Duties General:
The Cyber Security Specialist will be responsible
for ensuring the contractor and Sangcom IT networks and infrastructure are
managed and monitored in accordance with contractually defined policies and
procedures. Responsible for ensuring the
project and user community are able to understand and apply necessary access
and information security procedures agreed by the Authority. Ensures the programme evolves with current
good practice and addresses emerging threats and concerns.
The role will interface with all applications, IT,
IM, systems and technical specialists in the programme:
·
The MOD Security Officer shall be the Principal
Security Advisor (PSyA) and the Contractor’s principal point of contact for
all security matters.
·
KBR GS EMEA IM/IT Manager in Leatherhead.
·
Security Analyst, representing the Technical
Services Delivery functionality.
·
The Information Manager and MIS specialist
·
Back office applications support team.
Specific:
Lead on Cyber
security certification and the process to obtain Cyber Security
accreditation.
Lead establishing
the Secure network Operating Centre (SNOC) capability.
Lead on Cyber
security incident management and oversee incident and root cause
analysis.
Support cyber
security audits.
Ensure that the
project team and suppliers are aware of security restrictions and adhere
to access and system use across the programme and locations.
Ensure
compliance with all relevant UK MoD and SANG IT Security Policies.
Implement and comply
immediately with any new IT based security instructions and policies
introduced by the SANG.
Monitor the
entire system and identify any actual or potential threats to IT/IM
security.
Apply measures
to ensure that work on protectively marked matters and aggregated data
is strictly limited to those who are security cleared to carry out their
work.
Develop guidance
and instructions for IT/IM access and data usage and support training
and dissemination of such information.
Develop project
based guidance and instructions for application of data security principles
in ISO 27001 around information collection, storage, dissemination and
destruction.
Identify and
implement processes and procedures to monitor compliance with Cyber
security accreditation for the duration of the contract.
Develop and deliver
information security methodologies and working practices within the MIS.
Notify the Contract
Security manager of any potential security threats, breaches or issues
that may compromise security.
Actively monitor
industry and international practices and identify how to adapt this
contract to remain compliant.
Identify
Authority and SANG specialists to train and mentor to enable the cyber
security aspects to be passed to the user community ahead of the exit of
the contract.
5. Competencies Key competencies for this role, demonstrated to a
proficient level:
Communication
skills - Be articulate and engaging.
Demonstrate ability across different styles for example, passionate,
empathetic, assertive, reflective etc.
Influencing –
establishes communication channels, actively listens, clarifies,
gives/seeks feedback, clear and concise, persuasive/negotiates with
others.
Problem solving – identify and own problems. Be able to investigate and assess
options and determine most suitable course of action.
Diligence – attention for detail and accuracy. Recognise when and how to check, test
and review information and provide confidence in the correctness of a
deliverable.
Systematic – Able to set up workflow and protocols. Able to develop guidelines and control
measures to ensure compliance and repeatability of tasks.
*** تقدم على الرابط التالي : Apply on the following link ***
https://www.akhtaboot.com/en/saudi-arabia/jobs/riyadh/112195-Cyber-Security-Specialist—-SANGCOM-at-KBR
نسخة للطباعة 
ابلغ عن اعلان مخالف