Ruya Cybersecurity Engineer 1 (JR: 1541)

  • Doha
  • Permanent
  • Thu Dec 11 09:12:10 2025
  • JO022156

| MAJOR PROJECTS |
| AL SHAHEEN FIELD |

JOB DESCRIPTION

Organizational Entity:

North Oil Company (NOC) / Major Projects

JOB TITLE:

RUYA B1 Cybersecurity Engineer

SITUATION IN ORGANIZATION:

  • Manager N+1: RUYA B1 Project Manager
  • Functional Hierarchy: RUYA B1 Lead Cybersecurity

ACCOUNTABILITIES:

  • Ensure Engineering Dossier are delivered with a robust cybersecurity engineering definition and fit-for-purpose design that can be procured, fabricated, transported, installed, and operated safely, meeting the requirements of NOC standard, project basis of design, and SOR.

  • Ensure assigned project tasks are well managed in accordance with the project execution plan and contractual requirements that include but are not limited to:

    • Implementation of NOC cybersecurity requirements and standards.
    • Thorough, efficient, and timely review of the relevant project discipline documents, realization of potential derogations to the standards, and challenge the design to achieve an optimized and fit-for-purpose outcome.
    • Focal point for cybersecurity discipline; interface and coordinate cybersecurity subjects and required activities with NOC MP Engineering Team, NOC DBS Cybersecurity team, and RUYA B1 Packages.
    • Support project audits, studies, tests, and meetings related to the Cybersecurity discipline as per project-approved gate levels and design maturity.

JOB DIMENSIONS:

  • COMPANY operates in the Al Shaheen Oilfield block-5 with 45 offshore platforms across 11 locations located 80 km from shore.

  • Ruya Batch 1 will involve projects executed over 5 years with CAPEX investment of several billions USD.

  • Ruya B1 Project Features (executed through several EPCIC contracts in parallel):

    • New Wellhead Platforms: 9 WHP of different types.
    • New Riser Platform, bridge-linked to existing platforms.
    • Brownfield Modifications.
    • New Central Processing Facility: circa 26 kt + Flare Tower.
    • New pipelines between WHP, CPF, and existing facilities.
    • Additional pipeline/equipment linked to debottlenecking of existing facilities, Water Alternate Gas, Electrical submerged pumps.

  • The Job holder belongs to the Major Project Division and reports to RUYA B1 Lead Cybersecurity.

  • The Job holder ensures coordination with the DBS Information Security focal point/OT Security Specialist to ensure Company standards and policies are strictly applied.

  • The Job holder is based in Company premises (Doha) during the initial stages and relocates to Vendor/Supplier location and/or EPCIC CTR premises or yards during the execution stage of the project.

  • The job holder is part of the RUYA B1 CPP Package Organization and serves as the focal point for all cybersecurity subjects for RUYA CPP, RP, WHP, and Pipeline Packages.

ACTIVITIES:

  • Ensure Engineering Dossier are delivered with a robust cybersecurity engineering definition and fit-for-purpose design to meet all safety, quality, and schedule requirements.

  • Ensure and coordinate the proper realization of the cybersecurity design in compliance with NOC Standard, project specifications, procedures, and schedule.

  • Monitor, audit, and guide all Cybersecurity-related activities performed by ICSS OEM/Contractor/Integrator to deliver a reliable and maintainable plant that meets the required availability.

  • Act as the Cybersecurity representative during audits of ICSS OEM/Contractor/Integrator and technical matters related to packages Cybersecurity (Telecom, MMS, ECS, Turbomachinery, ICSS Systems).

  • Identify cybersecurity engineering technical decisions; consult NOC DBS cybersecurity team and related departments, define a clear way forward, and report to RUYA B1 Lead Cybersecurity.

  • Monitor vendor-supplied equipment to ensure compliance with Project requirements and cybersecurity rules.

  • Participate in equipment cyber DVT, FAT, IFAT, YAT, SAT, and inspections at vendor premises as required.

  • Follow-up with contractors/suppliers to ensure closure of identified cybersecurity punches and track their status.

  • Ensure coordination with other disciplines for engineering, operational matters, and NOC DBS corporate.

  • Ensure feedback and lessons learned from similar projects are incorporated into the design.

  • Assist with cybersecurity discipline kick-off meeting planning with EPC Contractor.

  • Provide technical advice to disciplines, including Instrumentation, ICSS, Electrical, Telecom, Construction, Commissioning, Operations, Procurement, and Commercial.

  • Review project cybersecurity discipline documents efficiently and challenge designs for optimized outcomes.

  • Ensure timely review/commenting of cybersecurity-related project documents per NOC standards, project specifications, and contractual requirements.

  • Identify optimization/improvement areas in design dossiers for early-stage implementation and promote value engineering proposals.

  • Promote fit-for-purpose designs that reduce planning and costs.

  • Coordinate project responses to contractor/vendor clarifications and Technical Query Requests (TQR).

  • Identify deviations/derogations to NOC requirements, assist in deviation package preparation, and consult NOC DBS cybersecurity team for proper processing and approval.

  • Review final project documentation, including dossiers and as-built drawings.

  • Define, track, and evaluate cybersecurity discipline studies and audits by contractors to ensure project gate completion.

  • Assist with project studies, reviews, and audits, including HAZOP, Cyber PHA (Risk Assessment), SIL, HAZID.

CONTEXT AND ENVIRONMENT:

  • Activities include greenfield (new development), brownfield (on existing platforms), and integration works.
  • Work involves reviewing design documentation for compliance with SOR, specifications, and requirements.
  • Major offshore projects often include platform development, facility integration, subsea pipeline installation, and debottlenecking of functions.
  • Complex interfaces exist with other NOC entities.
  • ICSS engineering development starts at OEM Vendor locations, moving to CTR premises and fabrication yards.
  • International missions may be required to monitor engineering development.

QUALIFICATIONS & EXPERIENCE REQUIRED:

  • Education: Engineering degree in Electrical/Electronic, Instrument, or Control Engineering (or similar).
  • Experience: 10-15 years in ICSS and Packages Cybersecurity engineering for Offshore Oil and Gas.
  • Expertise in conducting cybersecurity risk analysis and implementing treatment plans.
  • Detailed knowledge of ISA99/IEC 62443, ISA/IEC 61511, NIST, and Qatar ICS security standards.
  • Ability/willingness to obtain offshore certifications (e.g., OPITO T-BOSEIT, OPITO H2S, QE Pass).
  • Active industry certifications (e.g., ISA99/IEC 62443, GICSP, CISSP) are a plus.
  • Strong project design, execution, and interface knowledge.
  • Proficient in cybersecurity design-related software.
  • Leadership, communication, analytical skills, and experience in multicultural environments.
  • Familiarity with Total general specifications and international codes (advantageous).
  • Fluent in English; ability to travel and work on complex projects.

| Job Holder: __________ | Manager: __________ |
| Date: __________ | Date: __________ |
| Visa: __________ | Visa: __________ |