IM&T Senior Cybersecurity Consultant & ISO 27001 Program Controller

Posted Date 2 days ago
Location United Arab Emirates
Discipline Oil & Gas
Job Reference 33565
Salary 0.0
 

Job Title: IM&T Senior Cybersecurity Consultant & ISO 27001 Program Controller
Department: Cybersecurity Function (IDS) / Information Digitalization Department (IDD)
Employment Type: Contract


About the Role

Our client is seeking a highly skilled IM&T Senior Cybersecurity Consultant & ISO 27001 Program Controller to lead and support the implementation of IT & OT cybersecurity programs and ensure ongoing compliance with ISO 27001 standards. This critical role will be instrumental in executing the client’s ISMS Phase 7 Program while strengthening cybersecurity governance, risk management, and assurance capabilities across diverse digital and operational landscapes.


Key Responsibilities

  • Oversee and manage IT & OT Cybersecurity Management Systems in compliance with industry standards.

  • Lead multiple full-cycle implementations of ISA 62443 and ISO 27001:2022 ISMS frameworks.

  • Conduct and report on comprehensive IT & OT cybersecurity risk assessments and propose mitigation strategies.

  • Perform internal audits, compliance checks, and site security gap assessments across multiple locations.

  • Manage the ISO 27001 certification and surveillance audit process.

  • Develop, review, and maintain cybersecurity governance documentation and policies.

  • Act as a subject matter expert in ISO 27001 and ISA 62443, advising on secure system design, deployment, and operations.

  • Collaborate with cross-functional teams to deploy and maintain a secure IT/OT environment.

  • Conduct cybersecurity training, awareness sessions, and mentor internal teams.

  • Ensure effective execution of the client’s Cybersecurity Discipline Controls Assurance Framework (DCAF).


Qualifications & Experience

  • Graduate or Postgraduate degree, or equivalent experience in ISMS and Cybersecurity.

  • 20+ years of experience in IT Cybersecurity Management Systems.

  • 10+ years in IT/OT auditing and cybersecurity reporting.

  • 5+ years in OT security, preferably within industrial or energy sectors.

  • Demonstrated experience in:

    • At least 2 ISA 62443 implementations.

    • At least 5 ISO 27001:2022 implementations.

  • Strong project management skills with expertise in cybersecurity risk management and mitigation.

  • Excellent written and verbal communication skills in English.


Mandatory Certifications

  • ISO 27001:2022 Lead Auditor

  • Certified Information Security Manager (CISM)

  • Certified in Risk and Information Systems Control (CRISC)

  • Certified in Governance of Enterprise IT (CGEIT)

  • Global Industrial Cybersecurity Professional (GICSP)

  • Shell OT Security & DCAF Trainings

  • ITIL V3 Foundation

Preferred Certifications:
ISA 62443 (IC33M, IC34M, IC37M), GRID, GCIP, CEH, OSCP, GCIA, GCIH, Security+


What We’re Looking For

  • Deep understanding of OT cybersecurity standards (ISA/IEC 62443, NIST, ISO 27000 family).

  • Proven leadership in managing cybersecurity compliance programs within complex enterprise and industrial environments.

  • Ability to work independently and collaboratively in a multicultural, cross-disciplinary setting.

  • Strategic thinker with strong analytical, organizational, and mentorship capabilities.


Why Join?

This is a unique opportunity to contribute to a forward-thinking cybersecurity strategy and play a pivotal role in protecting vital infrastructure. The role offers a challenging environment, cross-functional collaboration, and a chance to shape a secure digital future with a leading industry client.