Principal Specialist, Cybersecurity Operations

Job Title

Principal Specialist, Cybersecurity Operations

Job Purpose

This position is responsible for performing the daily monitoring, maintenance and improvements to the security solutions deployed across Maaden on the perimeter, infrastructure, network-level, system-level and database-level to monitor and protect Maaden Corporate and Affiliates IT (Information Technology) and OT (Operational Technology) resources and assets within Saudi Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and Mauritius. This position works closely with other functions to assist in the security monitoring program, managing the Security Operations Center (SOC) for Maaden within the seven countries, maintaining cyber threat situational awareness of internal and external threats and vulnerabilities through enhanced monitoring capabilities and oversight of systems and processes used to assess security. Handle threat intelligence through strong partnerships and communications with regulatory agencies, Cybersecurity providers, national and global peers. This position is also responsible for catering to all access management requests and changes as well as the incident response against in Cyber-attack / breach and recovery capability. It is also responsible of handling forensic investigations and Root Cause Analysis (RCA) activities.

Key Accountabilities

Cyber Security Operations Management

• Oversee and direct Cyber security activities to execute the Cyber security program at all MAADEN including Corporate and Affiliates within Saudi Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and Mauritius.
• Ensure that the rules of use for IT/OT systems and the administrative procedures for IT/OT systems comply with the MAADEN’s Cyber security policies.
• Ensure that services provided by business and other enterprises, including outsourced providers are consistent with established Cyber security policies
• Perform daily monitoring, maintenance and improvements as needed to the security solutions deployed across Maaden on the perimeter, infrastructure, network-level, system-level and database-level
• Maintain cyber threat situational awareness of internal and external threats and vulnerabilities through enhanced monitoring capabilities and oversight of systems and processes used to assess security
• Monitor users, applications, networks, systems, and access to physical assets
• Perform periodic review of audits logs (includes review and retention) of applications, networks, systems, and access to physical assets
• Perform periodic user access review across Maaden’s registered users
• Conduct physical and logical security control assessments (vulnerability assessment), security monitoring, detection, and security status reporting to enable informed decisions
• Scans, analyzes, and apply countermeasures of vulnerabilities
• Detects, analyzes, and eliminates viruses and malicious code

Incident Response Management:

• Establish and manage capability to respond to and recover from disruptive and destructive Cyber systems incidents
• Design and implement processes for detecting, identifying and analyzing security related events
• Develop incident handling recovery plans including organizing, training, and equipping teams
• Ensure periodic testing of the response scenarios and recovery plans where appropriate.

Business Continuity and Disaster Recovery Plan Management

• Design, elaborate and implement comprehensive Business Continuity and Disaster Recovery Programs, strategies, plans and procedures in order to assist MA’ADEN’s survival from major interruptions of data processing services.
• Oversee and manage activities related to the Business Continuity Plan (BCP) including the Disaster Recovery Plan (DRP).
• Oversee the maintenance of the BCP/DRP documentation.

Cyber Security Compliance:

• Implement and comply with Cyber Security policies and procedures in the manufacturing environment
• Participate and contribute in the early stages of design for manufacturing technologies and systems to ensure alignment with Cyber Security requirements and standards
• Build the Cyber Security standards in terms of manufacturing and operational technologies in cooperation with Enterprise Cyber Security team and Process controls owners in Maaden affiliates.
• Participate in auditing activities to ensure security policies, requirements and best practices are effectively applied
• Adhere to and comply with the laws, regulations and standards applicable in each of the seven countries of operation (i.e. NCA, GDPR).

Performance Management & Capability Building

• Review overall KPIs, performance and cyber security measures for all Maaden IT and OT networks.
• Reports Cyber security related performance KPIs.
• Conduct periodic performance reviews of the staff.
• Building required capabilities and competencies within Cyber security staff.

Planning & Budgeting:

• Participate in the Development of the 5 years business plan and budget for Cybersecurity operations.
• Prepare the budget for cyber security requirements covering the IT and OT environments

Minimum Qualifications, Experience and Competencies

Minimum Qualifications:

• Bachelor’s Degree in Computer Science, Information Security or equivalent
• Fluency in English.

Experience:

• 9 years' related experience in Cybersecurity, IT, and Project Management.

Experience in OT Security is a plus.

Minimum Experience: 5 years

Maaden High Performance Competencies:

• Cyber Security Risk Management
• Enterprise Architecture
• IT/Solution Architecture
• Security Architecture Controls Implementation
• Cloud Security
• Product / Vendor Security Certifications
• Security Technologies
• Project Management
• Presentation Skills
• Leadership
• Teamwork
• Integrity
• Care
• Ownership
• Accountability
• Communication
• Time Management, Planning and Organization

Skills:

• Cyber Security Risk Management
• Enterprise Architecture
• IT/Solution Architecture
• Security Architecture Controls Implementation
• Cloud Security
• Product / Vendor Security Certifications
• Security Technologies
• Project Management

About Maaden:

Maaden, established in 1997, is one of the fastest-growing mining companies in the world and the largest multi-commodity mining and metals company in the Middle East. We are leading the development of the mining industry to become the third pillar of Saudi Arabia’s economy by building a world-class, unique, and fully integrated mining value chain. We are pleased to share an exciting opportunity for the below mentioned position. This role offers a chance to contribute to our ambitious growth and play a key part in shaping the future of mining in the Kingdom.

Benefits

1. Career Growth

2. Competitive Salaries

3. Comprehensive Package

4. Inclusive Work Environment

5. Work-Life Balance

6. Employee wellness