Title:  Lead Cybersecurity Analyst

Job Req ID:  13965

Aramco energizes the world economy.

Aramco occupies a unique position in the global energy industry. We are the world's largest producer of hydrocarbons (oil and gas), with the lowest upstream carbon intensity of any major producer. 

With our significant investment in technology and infrastructure, we strive to maximize the value of the energy we produce for the world along with a commitment to enhance Aramco’s value to society.

Headquartered in the Kingdom of Saudi Arabia, and with offices around the world, we combine market discipline with a generations’ spanning view of the future, born of our nine decades experience as responsible stewards of the Kingdom’s vast hydrocarbon resources. This responsibility has driven us to deliver significant societal and economic benefits to not just the Kingdom, but also to a vast number of communities, economies, and countries that rely on the vital and reliable energy that we supply.

We are one of the most profitable companies in the world, as well as amongst the top five global companies by market capitalization.


We are seeking an ICS Cybersecurity Architecture Specialist to join the ICS Security Division of Information Security Department. The ICS Security Division is responsible for providing corporate direction for all Industrial Control Systems (ICS) Cybersecurity Company-Wide. 

The ICS Cybersecurity Division is primarily responsible for:

  • Leading Company efforts in this highly technical profession and associated systems to secure all Company oil and gas operations, refineries, pipelines, terminals, bulk plants, and electrical power substations from cyber threats.
  • Managing, developing, and deploying ICS cybersecurity program including policies, strategy and roadmap, risk and compliance management, incident management, cybersecurity architecture, ICS cybersecurity vendors risks and compliance, ICS cybersecurity workforce, ICS cybersecurity research and development, monitor and improve Plants cybersecurity KPIs and posture, and provide continual status updates to senior management.
  • Strengthening and monitoring the plants ICS security posture and provide continual and appropriate status updates to senior management.

Duties & Responsibilities

  • Develop, improve, and maintain risk management frameworks
  • Evaluate risks to ICS environments
  • Research current and emerging threats
  • Validate likelihood of exploitation
  • Articulate exposure levels
  • Track and monitor risks
  • Seek to continually keep business decision makers informed about risks to the Saudi Aramco ICS landscape.

Minimum Requirements

  • Bachelor’s degree in Electrical Engineering, Computer Engineering or Computer Science from a recognized and approved program. An advanced degree in addition to CISSP and CISM certificates are preferred.
  • A Minimum 10 years experience in information security, including knowledge in ICS Cybersecurity.
  • Knowledge in industrial cyber security standards and guidelines such as ISA 99 (IEC 62443), C2M2, API 1164, IEC 61850 and NIST 800-82.
  • Extensive experience in information security risk management frameworks, such as ISO 27005 and NIST800-30/39, and risk analysis methods such as ISF IRAM, FAIR, or OCTAVE.
  • Ability to secure major ICS vendors’ systems such as Honeywell, Yokogawa, Siemens, Invensys Foxboro, Emerson, etc..
  • Experience ICS/SCADA product quality security assurance assessments and reviews.
  • Great familiarity in ICS secure systems development methodology such as ISASecure.
  • Demonstrate knowledge and experience in working with IT GRC solution such as Archer.

Working environment

Our high-performing employees are drawn by the challenging and rewarding professional, technical and industrial opportunities we offer, and are remunerated accordingly.

At Aramco, our people work on truly world-scale projects, supported by investment in capital and technology that is second to none. And because, as a global energy company, we are faced with addressing some of the world’s biggest technical, logistical and environmental challenges, we invest heavily in talent development.

We have a proud history of educating and training our workforce over many decades. Employees at all levels are encouraged to improve their sector-specific knowledge and competencies through our workforce development programs – one of the largest in the world.


Country/Region:  SA