Cybersecurity Senior Technician wanted by SERCO – Dubai

Serco logo

APPLY HERE

Serco logo
Serco logo
Rail OT Cybersecurity Senior Technician – Success Profile
Reporting to: Rail OT Cyber security Team Leader
Division/Function: Transport / Dubai Metro
Base location: Engineering and Maintenance

The purpose of this Rail OT Cyber security Senior Technician position is to:
perform responsibilities for the Cyber Security and Rail Systems Team (CSRST) covering all of Engineering (ATC, Combs, AFC, MEPs, RSK, TRK & Cavils, Depot);
run an on-call system to be point of contact outside of the 24/7 running of the network;
Participate actively to the 5 main cyber security functions: Identify, Protect, Detect, Respond and Recover;
deliver its core objectives, but not limited to:
Cyber security Preventative and Corrective Maintenance of Rail OT machines;
System wide back up of Rail OT machines;

Upgrade of the virus definitions of Rail OT machines;
Log and report on the Cyber security posture and conditioning of Rail OT machines;
Responsible for working in a 24×7 Cyber security Operation Centre (CSOC) environment;
Investigate, document, and report on information security issues and emerging trends;
Provide Incident Response (IR) support when analysis confirms actionable cyber-incident;
Respond to previously undisclosed software and hardware vulnerabilities.

Structure and reporting relationship

This position as Rail OT Cyber security Senior Technicianwill:

report to Rail OT Cybersecurity Team Leader.

Based on the specific requirement of the role

Key accountabilities

Carry out all OT-related cybersecurity preventive maintenance (PM) and corrective maintenance (CM) activities and minor modifications on Rail OT Systems machines to include but limited to, servers, workstations, desktops and laptops. Some of these systems are installed along trackside, whilst others can be found in stations and still some others in depots;
Respond to Cyber Threats from the Cyber Security Operations Center (CSOC), NMOC or Maintenance Centre and control the impact;
Audit the Rail Systems to provide reports on IT/OT misuse under the guidance of Engineering department;
Competent in Cybersecurity threat Management;
Able to run full scenarios for system lock downs due to Cyber threat;
Audits of all Rail Systems and its use within Engineering;
Follow the relevant procedures and work instructions to ensure compliance with the required requirements;
Ensure the maintenance tools & equipment are in good condition;
Produce and maintain accurate maintenance records of Rail Systems machines, equipment performance, work accomplished and other information using a computerized maintenance management system;
Assist the Engineering Systems and/or other technical support staff to implement complex systems or new projects;
Drive work vehicles when responding to emergencies and when required on duty;
Perform shift and emergency duties when required;
Perform and carry out duties as instructed/ directed by theRail OT Cybersecurity Team Leader or/and theRail OT Cybersecurity Manager.

SAE Responsibilities and Information Security Responsibilities

Awareness of the Integrated Management System and the content of the Health, Safety, Quality & Environment and Information Security Policy Statements;
Understanding of personal responsibilities and contribution to achieving compliance with the Integrated Management System requirements, (including but not limited to competence to perform safety critical roles, legal requirements, control measures arisen from environmental impacts and aspects, job safety analysis and information security risk assessment) and the potential consequences of departure from the arrangements in place to deliver the commitments stated in the policies statements above;
To exercise a personal duty of care for their own health, safety and welfare and for those affected by their acts or omissions;
To use safety equipment (including PPE) as required and intended and observe that this is also enforced among subcontractors and third parties working in Serco’s controlled premises/systems
Promote a good HSQE and Information Security culture among their peers, subcontractors and third parties;
Look at ways to conserve energy, water and resources and minimize the generation of waste through personal performance and raise recommendations on how to improve existing processes on this regard within/outside their departments through their Line Manager, Departmental Safety Meetings and any other appropriate available channels;
Protect information assets and data including both electronic and paper based from all threats whether internal, external, deliberate or accidental;
Promote a good HSQE and Information Security culture among their peers, subcontractors and third parties.

Essential technical and professional skills , knowledge and qualifications

Knowledge

Vocational trade certificate or diploma in Information Technology discipline or equivalent;
Working knowledge in maintaining Rail OT Systems machines (servers, workstations, desktops and laptops) and installing third party software would be an advantage;
Good technical knowledge in Operational technology, Industrial controls systems and Cybersecurity;
Basic knowledge in database tables (SQL Server, Oracle or MySQL).

Skills

Must have good eyesight and normal color vision;
Ability to compile simple technical reports, routine business correspondence, prepare method statements and drawings as required;
Possess good communication skills and the ability to manage multiple tasks efficiently and work productively in a fast-paced, team-oriented environment;
Detail oriented, and the ability to handle multiple priorities;
Hold a valid UAE driving license with good driving skill and experience;
Keen interest in IT and OT and its related discipline;
Basic Cybersecurity incident handling skills.

Experience

Minimum 1-year work experience as a computer/systems/cybersecurity technician in Rail OT environment (ICS, SCADA and operations control systems);

Additional/special features of the role

Ensure compliance with the Serco Management System and all relevant business processes, procedures and work instructions to deliver all work with appropriate quality and governance standards;
Act as part of the Cybersecurity and Rail Systems Teamand conduct tasks during the various stages of project management, procurement and FAT/SAT testing as instructed;
Perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intention or inadvertent access or destruction;
Review log files for security products;
Support the Cybersecurity Incident Response activities, support the coordination with other departments to record and report cyber-incidents;
Ensure safety, availability and integrity of all data provided including reporting performance, finance and customer information; reference Serco non-disclosure policy
Perform Cybersecurity Incident Response activities, coordinate with other departments to record and report incidents;
Conduct operating systems, application, and database vulnerability assessments (to include system configuration checks);
Assist in security awareness activities;
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information;
Analyze audit security incident logs for individual or multiple networked devices for sensitive information, unauthorized processes and unauthorized network connections;
Perform security analysis and risk management assessments with guidance;
Maintains current knowledge of relevant technology as assigned;
Participate actively to the Serco Dubai Metro Computer emergency response team activities
Ensures achievement of operational and day to day goals and plans for days ahead;
Decisions impacting own specific area, although made within an existing framework; adapts own knowledge/experience to the situation;
Communicating with Control Centre Controllers;
Communicating with persons responsible for a Track Possession, Worksite or movements of rail vehicles within a Possession;
Establishing, supervising and removing a safe system of work to protect the safety of persons working on or near the track;
Must obtain qualification as Line-Person-In-Charge.

Team Leader wanted by SERCO – Dubai

Serco logo

APPLY HERE

Serco logo
Serco logo

Career Opportunities: Rail OT Cybersecurity Team Leader (52118)
Rail OT Cybersecurity Team Leader – Success Profile
Reporting to: Rail OT Cyber security Manager
Division/Function: Transport / Dubai Metro
Base location: Engineering and Maintenance

The purpose of this Rail OT Cyber security Team Leader position is to:
perform Team leader level responsibilities for the Cyber Security and Rail Systems Team (CSRST) covering all of Engineering (ATC, Combs, AFC, MEPs, RSK, TRK & Cavils, Depot);
run an on-call system to be point of contact outside of the 24/7 running of the network;
Participate actively to the 5 main cyber security functions: Identify, Protect, Detect, Respond and Recover;
supervise and lead a team to deliver its core objectives, but not limited to:
Cyber security Preventative and Corrective Maintenance of Rail OT machines;
System wide back up of Rail OT machines;

Upgrade of the virus definitions of Rail OT machines;
Log and report on the Cyber security posture and conditioning of Rail OT machines;
Support the leadership to ensure that the identified controls as per the approved security baseline are maintained at all times;
Responsible for working in a 24×7 Cyber security Operation Centre (CSOC) environment;
Provide analysis and trending of security log data from a large number of heterogeneous security devices;
Investigate, document, and report on information security issues and emerging trends;
Provide Incident Response (IR) support when analysis confirms actionable cyber-incident;
Provide threat and vulnerability analysis as well as security advisory services;
Analyse and respond to previously undisclosed software and hardware vulnerabilities.

Structure and reporting relationship

This position as Rail OT Cyber security Team Leader will:

report to Rail OT Cyber security Manager;
have to manage one or more Rail OT Cyber security Senior Technician(s).

Based on the specific requirement of the role

Key accountabilities

Lead a team of Rail OT Cybersecurity Senior Techniciansto carry out all OT-related cybersecurity preventive maintenance (PM) and corrective maintenance (CM) activities and minor modifications on Rail OT Systems machines to include but limited to, servers, workstations, desktops and laptops. Some of these systems are installed along trackside, whilst others can be found in stations and still some others in depots;
Respond to Cyber Threats from the Cyber Security Operations Center (CSOC), NMOC or Maintenance Centre and control the impact;
Build robust processes to combat Human intervention;
Audit the Rail Systems to provide reports on IT/OT misuse under the guidance of Engineering department;
Competent in Cybersecurity threat Management;
Able to run full scenarios for system lock downs due to Cyber threat;
Building of, handling the change and implementation of new procedures;
Audits of all Rail Systems and its use within Engineering;
Act, contain and recommend actions from Cyber threats;
Follow the relevant procedures and work instructions to ensure compliance with the required requirements;
Ensure the maintenance tools & equipment are in good condition;
Assist subordinates with the job familiarization;
Conduct performance reviews and competency assessment for Rail OT Cybersecurity Senior Technicians;
Assist and support in conducting disciplinary and grievance meetings for Rail OT Cybersecurity Senior Technicians;
Produce and maintain accurate maintenance records of Rail Systems machines, equipment performance, work accomplished and other information using a computerized maintenance management system;
Assist the Engineering Systems and/or other technical support staff to implement complex systems or new projects;
Drive work vehicles when responding to emergencies and when required on duty;
Perform shift and emergency duties when required;
Perform and carry out duties as instructed/ directed by the Rail OT Cybersecurity Manager or/and Senior Management.

SAE Responsibilities and Information Security Responsibilities

Awareness of the Integrated Management System and the content of the Health, Safety, Quality & Environment and Information Security Policy Statements;
Understanding of personal responsibilities and contribution to achieving compliance with the Integrated Management System requirements, (including but not limited to competence to perform safety critical roles, legal requirements, control measures arisen from environmental impacts and aspects, job safety analysis and information security risk assessment) and the potential consequences of departure from the arrangements in place to deliver the commitments stated in the policies statements above;
To exercise a personal duty of care for their own health, safety and welfare and for those affected by their acts or omissions;
To use safety equipment (including PPE) as required and intended and observe that this is also enforced among subcontractors and third parties working in Serco’s controlled premises/systems
Promote a good HSQE and Information Security culture among their peers, subcontractors and third parties;
Lead by example and look at ways to conserve energy, water and resources and minimize the generation of waste through personal performance and raise recommendations on how to improve existing processes on this regard within/outside their departments through their Line Manager, Departmental Safety Meetings and any other appropriate available channels;
Protect information assets and data including both electronic and paper based from all threats whether internal, external, deliberate or accidental;
Promote a good HSQE and Information Security culture among their peers, subcontractors and third parties.

Essential technical and professional skills , knowledge and qualifications

Knowledge

Vocational trade certificate or diploma in Information Technology discipline or equivalent;
Working knowledge in maintaining Rail OT Systems machines (servers, workstations, desktops and laptops) and installing third party software would be an advantage;
Strong technical knowledge in Operational technology, Industrial controls systems and Cybersecurity;
Knowledge in database tables (SQL Server, Oracle or MySQL).

Experience

Minimum 3-year work experience as a computer/systems/cybersecurity technician in Rail OT environment (ICS, SCADA and operations control systems);
Preferably with 1 year of supervisory experience in supervising a team of computer technicians to carry out the OT-related activities.

 

Manager Ethics and Compliance wanted by Etihad in Abu Dhabi

Etihad airways UAE

APPLY HERE

Etihad airways UAE
Etihad airways UAE

Manager Ethics and Compliance (Data Privacy)
Date: 03-May-2018
Location: United Arab Emirates
Let your career take off with the World’s Leading Airline, Etihad Airways. Work in the forefront of the aviation industry, with the airline that has reimagined the flying experience through its pioneering products and services.

We are pleased to announce an incredibly exciting opportunity to join the as Manager Ethics and Compliance (Data Privacy), you will add immediate value by having primary responsibility for managing the global data protection compliance programme for the Etihad Group as directed by the Head of Ethics and Compliance and Data Protection Officer. The incumbent shall support the group Data Protection Officer to monitor compliance for the group and to provide guidance and support – acting as a key contact for all related matters. The Manager shall display the utmost integrity and shall maintain objectivity and impartiality when performing the functions of this role.

SPECIFIC RESPONSIBILITIES

Managing the Data Protection Compliance Programme

Provides leadership and guidance to the Business on all aspects of the data protection compliance programme including:
Plan the EAG global privacy programme under in keeping with objectives set by the DPO
Act as a key contact and reference point for all data protection related issues for internal and external parties (seeking legal advice where necessary).
Responsible for developing and implementing Group Policies on data protection.
Resolving ad hoc queries and issues relating to data protection
Identifying data protection and information security issues that need addressing, in particular in relation to suppliers and to IT systems, and working with management to address those issues.
Receiving and dealing with data protection subject access requests.
Requests from law enforcement
Perform Privacy Impact Assessments on systems and processes as needed, identify privacy risks, recommend remedial action and follow up to conclusion
Form part of the data breach response team providing guidance and support in order to meet breach notification requirements

—————————————-READ MORE—————————————-

 

Security Analyst wanted by Commercial Bank Dubai

commercial bank of Dubai

APPLY HERE

commercial bank of Dubai
commercial bank of Dubai

Senior IT Security Analyst – (17000289)
Description
Job Purpose:
To ensure that all systems (Including OS/ Database/ Networks/ Infrastructure) in CBD are protected against all known current and future vulnerabilities by conducting regular independent Assessments of technology and process. Evaluating and recommending mitigating controls needed to protect CBD information and networks and help determine an acceptable level of risk for the Bank.

Principals Accountabilities
Conduct periodic security assessments to identify vulnerabilities and help determine, recommend solutions to reduce level of risks to an acceptable level or to meet the risk appetite of the bank.

Perform regular Vulnerability Assessment on information assets and technologies.
Perform regular and Adhoc logical access control reviews on hosting infrastructure systems.
Continuously assess the gaps between the implemented security controls and those established at a policy level.

Maintain risk, issue and change registers for information security.
Identify security violations, security risks and vulnerabilities, escalate them to the attention of ITD Management and recommend the best ways to reduce any information security risks.
Identify compliant and non-compliant processes and system and evaluate their effectiveness. Make recommendations for improvements in line with IS Governance requirements, local and International regulations and professional practice standards (such as PCI-DSS, ISO 27001 etc.)
Support Information Security Awareness initiatives carried out by IT-GRC Unit.

Qualifications

Qualifications

Bachelor’s degrees in Computer Science, Information Systems or equivalent work experience are required.
CISA/CISM/CRICS/CISSP or well-known industry relevant certification is preferable.
Experience

Minimum 5 years in Information Technology and security related work arena.
Experience in computer security operations, policies/standards, and IT Vulnerability, threat & risk management.
Knowledge of security frameworks, standards, and guidelines is preferred.
IT Security project management experience.

Primary Location: AE-AE-Dubai
Work Locations: Head Office 2668 Al Ittihad Road, Port Saeed, Dubai Dubai
Job: Information Technology
Organization: Information Technology
Employee Status: Regular
Shift: Day Job
Job Level: Individual Contributor
Travel: No
Job Posting: Apr 1, 2018, 8:32:53 AM

ATM Support Specialist wanted by SERCO in Dubai

Serco logo
Serco logo
Serco logo

Career Opportunities: ATM Systems Support Specialist (49829)
Req ID 49829 – Posted 26/03/2018 – United Arab Emirates – Dubai – IT – Full Time

Serco is a FTSE 250 international service company which combines commercial know-how with a deep public service ethos.
Serco customers are looking for expertise in managing their people, processes, technology and assets more effectively. We advise economic decision makers, design innovative solutions, integrate systems and – most of all – deliver quality services directly to the public.
Serco supplies to governments, government enterprise, agencies and companies who seek a trusted outsourcing partner with a solid track-record of service excellence. Serco people offer operational, logistical and technical expertise in the Transport, Justice and Immigration, Defence, Education and Healthcare industries as well as in the commercial sectors of Facilities Management.
Serco Middle East have been in the Region since 1947, starting out delivering Air Traffic Control Services in Bahrain; a service we are proudly still running today and have expanded to include many other Airports in the region.
We have expanded significantly since that time across the UAE, Saudi Arabia, Qatar and Iraq. We have been supporting the RTA to operate the Dubai Metro since 2009 and have launched the flagship Saudi Arabia Passenger Rail service from Riyadh to Qassim in 2017. We deliver Facility Management services to Hospitals, Universities, Airports, Military Facilities and Commercial Estates in the UAE and large-scale medical facilities in Saudi Arabia. We also deliver staff training and education to selected officers of the Qatar Armed Forces at the Officers’ training institute located at the Ahmed Bin Mohammed Military College in Doha.
Focussing on our core values, and creating a positive environment for employees to thrive, we look forward to a bright future as we continue to grow with the region.

We are looking for a highly motivated, experienced and confident ATM Systems Support Specialist who will assist and support the Head of ATM Systems to ensure that the departmental performance and information are captured, monitored and analyzed from all the vast multitudes of data received and recorded from various sources including effort consumption and reported in daily basis

The job holder shall assist the Head of ATM Systems to deliver goals and objectives set by the business strategy to support the achievement of functional objectives. The job holder maintains contact with a variety of entities inside the airport including ATC, Aviation Units, relevant ATS departments, Dubai Airports, contractors and suppliers through the Head of ATM Systems.

Interacts internally and externally through the Head of ATM Systems.

The job holder provides administration duties and guidance for the department and is required to manage multiple and/or conflicting activities. Advises the Head of ATM Systems on options for problem resolution in situations that fall outside established guidelines or where the choice among options is less obvious. Errors made by the jobholder could result in inaccurate measurements and departmental performance.

 

Key accountabilities

Maintain and provide technical and administrative support to Head of ATMS
Ensure Change Management processes are followed and documented according to ATM systems department procedures.
Maintain ATMS database, application, tracking tool, etc. uptime for the daily activities of all designated ATM systems.
Work with the ATMS managers and team members to ensure that he ATMS departmental performance and information are captured and analyzed from all the vast multitudes of data received and recorded from various sources and reported in daily basis.
Ensure that the ATMS departmental performance and information are managed in a centralized and efficiently manner keeping records of communications with concerned parties.
Adhere to the departmental and organization processes to lead and contribute to work package activities as required.

Qualifications and Education:

The post holder shall have as a minimum, a Bachelor Degree or Higher Diploma from a recognized University, Training Establishment, or have equivalent and relevant experience.

Experience:

Wide experience in technical support position in UAE operational environment
Experience in hardware & software support.
Aviation industry experience preferable

Skills:

Fluency in written and spoken English is essential
Resourceful team player who excels at building trusting relationships with customers and colleagues.
Attention to details and analytical skills
Problem solving and decision making
Excellent communication and organisational skills
The ability to develop quality standards, testing procedures, inspection reporting formats, and ability to conceptualize tasks and accomplish them.
An ability to work to tight deadlines and make correct decisions under pressure
Ability to work in a multicultural environment
Computer literacy with MS office packages, Linux, database, MySQL etc. skills
Additional / special features of the role

The job holder is governed by international standards procedures. Additionally, a range of international criteria for electronic data exchange apply. The effective functioning of the department is dependent upon the co-operative effort of all aeronautical services, such as air traffic services, communications, engineering, etc. The jobholder must be able to perform out of hours standby duties to support DWC and DXB operations.
Ensure compliance with the Serco Management System and all relevant business processes, procedures and work instructions to deliver all work with appropriate quality and governance standards
Ensure security and integrity of all data provided including reporting performance, finance and customer information; reference Serco non-disclosure policy
To exercise personal duty of care for their own health, safety and welfare and for those affected by their acts or omissions; reference SMS GSOP-HSE1-6 Serco organisational HSE responsibilities
Ensure compliance with all training requirements of Serco and ensure adherence to these requirements at all times whilst in employment
Report any accidents, incidents, breaches or potential breaches to appropriate management or the speak up process
The job holder is governed by international standards procedures. Additionally, a range of international criteria for electronic data exchange apply. The effective functioning of the department is dependent upon the co-operative effort of all aeronautical services, such as air traffic services, communications, engineering, etc.
Serco is committed to Equal Employment Opportunities and is committed to ensuring the safety of all of its employees through its Zero Harm initiative. To view internal opportunities, please visit JobShop which can be found under My Workspace/My Applications in Ourworld.

 

APPLY HERE