Hello, we are Averis!
We are a Global Business Services (GBS) that look into consolidating services and standardization of transactional practices, helping MNC / large enterprises achieve better economies of scale by mean of improving productivity and reducing costs.
Our journey started in 2006, and today, more than 700 Averians are servicing over 300 companies across 32 locations globally with Kuala Lumpur being the Headquarter. Our specialization includes Finance & Accounting, Human Resources, Information Technology, Shipping Documentation, Change Management, Data Security, and Business Information.
Responsibilities:
- Responsible for identifying and assessing OT security gaps in our customers environment especially industrial control systems (ICS) and then recommend mitigation / remediation solutions.
- Provide regular risk briefing to senior management on the findings (Gaps) and develop remediation approaches.
- Work with the peers from manufacturing / plant, IT infrastructure and other related business teams in designing secure communications both within the internal and external network.
- Responsible for OT security technology (strategies, policies, framework, architectures and roadmaps) implementation based on the business strategy, cybersecurity assessments, IT and OT trends, and the overall threat landscape.
- Responsible on providing specialist consultancy on OT space and its convergence with IT.
- Responsible for embedding the principles of the company's information security policy throughout OT program.
- Responsible for supporting company's OT initiatives with the development of high-level and low-level architecture designs including recommended security controls for complete IT-OT security.
- Deploying or supporting security practices and technologies such as risk or vulnerability assessments, antivirus software, firewalls, intrusion detection systems, centralized alert logging and monitoring in ICS environments.
Requirement:
- Minimum of 2 - 3 years industrial control systems security background with relevant previous experience in a technical or consulting environment.
- Minimum 2 years comprehensive working knowledge of one or more of the following: IEC 62443/ISA 99, ISO 27001, NIST SP 800-82.
- Fundamental understanding of IT and OT network communication protocols (e.g. TCP/IP, UDP, DNP3, Modbus, IEC61850, OPC, PROFINET, etc.).
- Experience deploying or supporting security practices and technologies such as risk or vulnerability assessments, antivirus software, firewalls, intrusion detection systems, centralized alert logging and monitoring in ICS environments.
- Ability to author technical and non-technical documents for varying audiences from technical automation personnel to senior security or operations personnel.
- Relevant industry or industrial certifications are highly preferred such as SANS GICSP, CISM, CISSP, IEC62443, CCNA, CCNP, etc.
- Strong cloud technology experience is a plus.
- Excellent collaboration, interpersonal and communication (written and verbal) skills.
- English a must. Bahasa Indonesia, Mandarin, and Portuguese language capability will be advantageous.
- On-site travel based on the requirement.
