About the Role
Air Products, a global leader in industrial gases founded in 1940, is dedicated to operational excellence, safety, and environmental stewardship. The company is reimagining possibilities through its people's motivation and collective experience to drive innovation. The NEOM Green Hydrogen Project is a significant undertaking for Air Products, involving the design, build, and delivery of Process Controls/Process Automation Systems and IT/Digital Technology infrastructure. This role is critical for ensuring the cybersecurity compliance, resilience, and safe operation of essential power generation and transmission systems that support large-scale renewable energy assets.
The Cybersecurity Engineer – Renewable Power Sector functions as a senior technical individual contributor within the Project Cybersecurity Taskforce. This position is site-based in Duba, Tabuk Region, Saudi Arabia, operating on an 8 Weeks ON / 2 Weeks OFF rotation. The engineer will act as the technical liaison between Air Products project execution, commissioning teams, and vendors, ensuring effective implementation of cybersecurity controls without compromising critical project schedules.
Key Responsibilities
- Conduct field verification and validation of cybersecurity design and implementation for renewable power generation and transmission assets, ensuring adherence to Saudi and international standards.
- Assure cybersecurity controls for Solar PV plants, Wind Turbine systems, BESS, HV/MV substations, and grid interconnections, including PPC and EMS interfaces.
- Develop, maintain, and verify OT cybersecurity asset registers, network diagrams, zone-conduit models, and risk registers for power systems.
- Lead and support cyber risk assessments for power packages and OEM skid systems, tracking and closing mitigation actions with vendors and contractors.
- Support pre-commissioning and commissioning activities by validating firewall rules, secure remote access, endpoint hardening, role-based access control, logging, and monitoring prior to system energization.
- Oversee and participate in FAT, SAT, CSAT, and performance testing for substation automation systems, turbine control systems, and plant SCADA.
- Coordinate with subcontractors and OEMs to manage third-party access, remote connectivity, and cybersecurity compliance during construction and startup phases.
- Serve as the technical cybersecurity interface between project execution, commissioning teams, OEMs, grid operators, and client representatives.
- Support change management processes by reviewing and approving cybersecurity impacts of design, procurement, installation, and commissioning changes.
- Contribute to the OT cybersecurity handover to operations, including procedures, access governance, incident response alignment, backup, recovery, and secure remote support models.
Qualifications and Experience
- Bachelor's degree in Engineering (Electronics & Communication, or Instrumentation/Process Automation background preferred) or an equivalent qualification.
- A minimum of 10 to 15 years of experience in Operational Technology (OT) or a related field, with at least 3 years focused on designing, building, or validating the design/implementation of cybersecurity for industrial control systems and networks.
- Experience with project implementation involving Saudi cyber standards (HCIS, NCA) or ISA 62443 industry standards, specifications, regulations, and best practices.
- Strong knowledge of control systems (SAS, SCADA/DCS/PLCs, etc.), including Wind Turbine systems, relevant protocols (Modbus, PROFINET, DNP3, IEC61850, etc.), and key technologies such as Firewalls, IDS, Anti-Virus, and Vulnerability assessments within ICS/OT networks.
- Relevant OT/ICS cybersecurity accreditations such as ISA/IEC62443, SANS, or other internationally recognized certifications are preferred.
Technical Skills and Proficiencies
- Cybersecurity principles and practices within Operational Technology (OT) and Industrial Control Systems (ICS).
- Understanding of renewable power generation and power transmission systems, including Solar PV, Wind Turbine Systems, BESS, HV/MV Substations, and Grid Interfaces.
- Familiarity with Process Controls, Process Automation Systems, and IT/Digital Technology Infrastructure.
- Proficiency in implementing and verifying cybersecurity controls, ensuring resilience and safe operation.
- Experience with field verification, cyber risk assessments, and mitigation actions.
- Knowledge of firewall rules, secure remote access, endpoint hardening, role-based access control, logging, and monitoring.
- Experience with Factory Acceptance Testing (FAT), Site Acceptance Testing (SAT), Cybersecurity Acceptance Testing (CSAT), and performance testing for substation automation systems, turbine control systems, and plant SCADA.
- Ability to manage third-party access and remote connectivity.
- Understanding of change management processes in relation to cybersecurity.
- Familiarity with incident response, backup and recovery, and secure remote support models.
- Knowledge of Saudi Cyber Standards (HCIS, NCA) and ISA 62443.
- Familiarity with protocols such as Modbus, PROFINET, DNP3, and IEC61850.
- Experience with Intrusion Detection Systems (IDS) and vulnerability assessments.
- Advanced skills in Microsoft Office Suite, including Teams, SharePoint, Word, Excel, PowerPoint, and Visio.
Work Location and Arrangement
This is a full-time, site-based position located in Duba, Tabuk Region, Saudi Arabia. The work arrangement follows an 8 Weeks ON / 2 Weeks OFF rotation schedule.
Communication and Collaboration
The role requires excellent communication skills, enabling effective interaction at all organizational levels, both verbally and in writing. The engineer will act as a key technical interface, coordinating with project execution teams, commissioning personnel, OEMs, grid operators, and client representatives to ensure seamless integration and compliance.
