Cyber Security Practice Lead - NIST/NERC


Full time

• Acting as the Subject Matter Expert (SME), helping to plan, develop and coordinate the activities of the ICS Cybersecurity practice, including the technical and business aspects.

• Developing governance, policies, procedures and security plans in all cyber security domains, i.e. Cyber Incident Response Plans, Cyber Security Access Control Management, Remote Access Controls (multifactor authentication), Configuration Management, Backup and Restore, Physical Security, and Cybersecurity awareness & training plans.

• Preparing reports, plans, specifications and RFPs in accordance with needs expressed by clients.

• Assessing client satisfaction and maintaining close relations with the client.

• Performing Cybersecurity Assessments.

• Identifying the risks and vulnerability reassessment frequency and triggering criteria based on technology, organization or operations.

• Providing Cybersecurity training.

• Managing client relations and engagements.

• Managing and developing business opportunities in cyber security and risk management within BBA.

• Developing and leading the cyber security team, tools and processes.

• Maintaining strong awareness of the market environment on cyber security trends, regulations, and practices.

• Preparing, reviewing and approving RFP responses.



• At least 15 years of relevant experience as a Cybersecurity consultant or an equivalent combination of training and experience.

• At least 15 years of relevant experience in the risk analysis process. Experience selecting risk assessment methodology and analysis approach related to the ICS systems. Specific experience conducting high-level system risk assessments based on the financial and HSE aspects of the ICS system and possible impacts on the overall organization.

• At least 10 years of relevant experience developing ICS Cybersecurity frameworks based on the National Institute of Standards and Technology (NIST), NERC CIP, IEC-62443 and ISO/IEC 27001/2 standards.

• At least 10 years of relevant experience planning, coordinating and performing threat, vulnerability and ICS Cybersecurity assessments based on the Cybersecurity standards.

• Experience designing security architectures, product testing, and vendor selection.

• Experience with penetration testing and technology countermeasures.

• Experience performing hands-on infrastructure deployment tasks.

• Onsite intrusion detection/prevention, disaster recovery and business continuity planning.


