OT Pentester

Job Description

In fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow’s possible.<br><br><strong>JOB OBJECTIVE<br><br></strong>Work with the Lead cyber consultant and the Project manager to deliver all required works. They will be mobilized at the start of the pentesting activities and working on-site in the customer premises or in the Thales labs in Doha.<br><br><strong>Roles &amp; Responsabilities</strong><ul><li>Application and OT infrastructure security configuration</li><li>Network security &amp; OT architecture</li><li>Penetration testing of applications, OT systems and networks</li><li>Information security organization, standards, and risk management</li><li>In addition, you will:</li><ul><li>Lead audits, document work performed, draft the audit report and present of the audit conclusions to the management</li><li>Follow up security audit issues and recommendations to verify the proper remediation</li><li>Contribute to the development and the maintenance of our “Cyber Security audit Lab” and tool</li><li>Recommend policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data</li><li>Conduct risk and vulnerability assessment to planned and installed information systems to identify vulnerabilities, risks, and protection needs</li><li>Promote awareness of security issues among management and ensure sound security principles are reflected in organization vision and goals</li><li>Conduct system security evaluations, audits, and reviews,</li><li>Recommend systems security contingency plans and disaster recovery procedures</li><li>Recommend and implement programs to ensure that system, network and data users are aware of, understand, and adhere to system security policy and procedure</li><li>Participate in network and systems design to ensure implementation of appropriate systems security policies</li><li>Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes</li><li>Assess security events to determine impact and implementing corrective actions</li><li>Ensure the rigorous application of information security/cybersecurity policies principles, and practices in the delivery of all IT services.</li></ul><li>Additional duties:</li><ul><li>Support our Business &amp; Development and Sales team and offer preparation</li><li>Perform trainings and workshops on cyber security topics</li><li>Support authorization and accreditation (A&amp;A) efforts, to include assessing and guiding the quality and completeness of A&amp;A activities, task, and resulting artifacts mandated by governing DoD and Air Force policies (i..e., Risk Management Framework (RMF))</li><li>Develop and give presentations to leadership.</li><li>Performing as a team member: understanding personal and team roles; contributing to a positive working environment by building solid relationships with team members and proactively seeking guidance, clarification, and feedback.<br><br><br></li></ul></ul><strong>Minimum Requirements<br></strong><ul><li>2 years’ experience in Cyber and Information Security field.</li><li>2 years’ experience in Cybersecurity consulting and services (frameworks development, audit, risk assessment and treatment).</li><li>2 years’ experience in OT environments, preferably in Aviation sector.</li><li>Experience in cybersecurity technical evaluation (preferably in Risk Assessment and Architecture Review.).</li><li>Solid knowledge of both international and regional standards and frameworks (e.g. NCA, NESA, IEC 62443, ISO27, and NIST).</li><li>Solid knowledge of Microsoft Office: Project, Word, Excel, and PowerPoint.</li><li>Excellent communication skills (verbal &amp; written) and interpersonal skills.<br><br></li></ul><strong>Qualification, Certification &amp; Educational Requirements<br></strong><ul><li>Bachelor degree or equivalent in Computer Science, Engineering, Mathematics, Cybersecurity, or Data Science</li><li>Relevant Accreditations such as CISM, GIAC, IEC62443 or other internationally recognized certifications.<br><br></li></ul><strong>Preferred Skills And Behaviours<br></strong><ul><li>Master’s degree or equivalent in Computer Science, Engineering, Mathematics, Cybersecurity, or Data Science.</li><li>Previous experience in Consulting/Professional services.</li><li>Previous experience in BCP/DRA.</li><li>Knowledge of Arabic.<br><br></li></ul>At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!