Ensure the effective utilization of security tools (SIEM, EDR, IDS/IPS, Vulnerability Scanners, etc.) for continuous monitoring and threat detection.
Manage comprehensive vulnerability management programs, including regular scanning, assessment, and coordination of remediation efforts for existing operations and new projects.
Ensure the implementation and maintenance of security baselines for all systems, applications, and network devices within the CE Cluster.
Coordinate with IT and OT teams to ensure secure configurations and patch management are applied across all environments.
Handle cybersecurity incidents, follow up on their closure.
Continuously evaluate vulnerabilities and follow up on the application of security update packages and settings in the CE Cluster.
Arrange and contribute to periodic penetration tests on all internal and externally provided services and their technical components to assess the level of cybersecurity in the CE Cluster.
Ensure that endpoint security solutions are implemented across the systems in the plant and identify inconsistencies in the CE Cluster.
Conduct periodic scanning and checksums to ensure security status (i.e., YARA rules, queries) in the CE Cluster.
Conduct periodic simulated phishing attacks.
Evaluate network security controls, protocols, topologies, and device configurations.
Conduct periodic network security audits
Participate in incident response and business continuity management.
Identify the list of network devices managed by the Cybersecurity Operations function and maintain an updated asset inventory defining criticality and ownership.
Maintain a baseline configuration for network security assets such as internal/external firewalls, IPS/IDS, NAC systems, anti-DDOS, and VPN, and test firewall and IDS/IPS logs against forensics requirements
Schedule periodic configuration reviews to ensure network device configurations follow best practices.
Document a process for network devices to align with approved security configurations.
Ensure the implementation of cybersecurity policies, procedures, standards, and controls in strict alignment with NCA regulations (e.g., ECC, OTCC, CCC, TCC) and other relevant KSA regulatory frameworks.
Conduct regular assessments of cybersecurity posture against NCA standards for both operational assets and projects under construction.
Ensure cybersecurity considerations are integrated into all phases of new construction projects, from design and procurement to implementation and commissioning, adhering to NCA guidelines.
Work closely with project teams to ensure cybersecurity requirements are met for Industrial Control Systems (ICS) and Operational Technology (OT) deployed in new facilities as per the OTS.
Monitor changes in NCA regulations and update internal policies and controls accordingly.
Maintain compliance with ACWA policies and local regulatory requirements across all activities.
Participate in cybersecurity risk assessments, identifying potential threats and vulnerabilities to critical assets in both operational and project environments.
Implement risk mitigation strategies and controls.
Provide regular reports to management on cybersecurity posture and compliance status.
Promote a strong cybersecurity awareness culture across the organization.
Work with third-party vendors, EPCs, and contractors to ensure their compliance with organizational and NCA cybersecurity requirements.
