Acting as the Subject Matter expert (SME), the SME will help planning, developing and coordinating
activities of the ICS Cybersecurity practice including the technical and business aspects.
Developing governance, policies, procedures and security plans in all cyber security domains, i.e. Cyber
Incident Response Plans, Cyber Security Access Control Management, Remote Access Controls
(multifactor authentication), Configuration Management, Backup and Restore, Physical Security, and
Cybersecurity awareness & training plans.
Preparing reports, plans, specifications and RFPs in accordance with needs expressed by clients.
Assessing client satisfaction and maintaining close relations with the client.
Performing Cybersecurity Assessments.
Identifying the risks and vulnerability reassessment frequency and triggering criteria based on technology,
organization or operations.
Providing Cybersecurity training.
Manage client relations and engagements
Manage and develop business opportunities in cyber security and risk management within BBA
Develop and lead cyber security team, tools and processes
Strong awareness of market environment on cyber security trends, regulations, and practices
Preparing, reviewing and approving RFP responses
At least 15 years of relevant experience as a Cybersecurity consultant or an equivalent combination of
training and experience.
At least 15 years of relevant experience in the risk analysis process. Experience selecting risk assessment
methodology and analysis approach related to the ICS systems. Specific experience conducting high-level
system risk assessments based on the financial and HSE aspects of the ICS system and possible impacts
on the overall organization.
At least 10 years of relevant experience developing ICS Cybersecurity frameworks based on the National
Institute of Standards and Technology (NIST), NERC CIP, IEC-62443 and ISO/IEC 27001/2 standards.
At least 10 years of relevant experience planning, coordinating and performing threat, vulnerability and ICS
Cybersecurity assessments based on the Cybersecurity standards
Experience designing security architectures, product testing, and vendor selection.
Experience with penetration testing and technology countermeasures.
Experience performing hands-on infrastructure deployment tasks.
Onsite intrusion detection/prevention, disaster recovery and business continuity planning.