Duff & Phelps Corp
Kroll, a division of Duff & Phelps and part of the Governance, Risk, Investigations and Disputes business unit, is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services.
Kroll’s Cyber Risk team works on over 2,000 cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we help protect our client’s data, people,
operations and reputation with innovative assessments, investigations and intelligence. We are the only company in the world with the expertise and resources to deliver global, end-to-end cyber risk management, supporting organizations through every step of their journey toward cyber resilience.
Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident response to risk assessments, and complex forensics to breach notification and ID theft remediation we help clients – of all sizes – respond with confidence.
We are currently looking for a highly ambitious Industrial Control System Security VP to join our rapidly expanding EMEA Cyber Risk practice. This role has flexibility to be located near our offices in UAE or Riyadh.
- Reviewing ICS architecture designs and providing input and advice on integration with our Enterprise Architecture while ensuring security requirements are met, including recommendations for new or enhanced technologies to meet security requirements.
- Ensuring relevant process documentation is in place and where relevant, undertaking assessments of compliance
- Identifying and recording risks associated with the integration of IT into operational areas, assessing impact, probability and recommending mitigations where the level of risk needs to be managed
- ICS forensics including log analysis in an ICS/SCADA environment
- Document technical issues identified throughout the assessment process and clearly communicate detailed findings to clients with remediation guidance
- Direct the activities of the consulting project teams, ensure that consistent approaches and methodologies are used and that the firm's practices are continuously improved
- Investigate new technologies and provide plans for their introduction into the business where necessary
- Contribute to the development of new opportunities and clients
- Contribute to the professional development and evaluation of project team members
- Bachelor’s degree required; Master’s degree a plus
- Approx. 8-10 years of ICS Security experience (including Information Security and Risk Management) gained at a top tier consulting firm
- Strong team, project and client management experience
- Proficient in MS Office. Ideally also proficient in investigative analysis tools.
- Cyber Security Certifications including CISSP, CISM etc.
- Fluent on advanced proficiency in English & Arabic
- Travel required approx. 35% of the time
- Excellent written and verbal communication skills that help represent diverse communities
- Experience working with diverse teams