ICS/OT-Cybersecurity Engineer/Network Security Engineer

About The Position

Requirements

• Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST CSF, NIST 800-53, NIST SP 800-82, CIS, MITRE ATT&CK for ICS.)
• Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.)
• A minimum of three (3) years hands on experience assessing, designing, and implementing ICS/OT network architectures.
• Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architectures and communication technologies.
• Demonstrated technical skills showing deep understanding of identifying, detecting, preventing, responding to and recovering from OT/ICS threats and incidents.
• Understanding and appreciation of safety while performing job duties in and around industrial environments.

Nice To Haves

• Previous experience in OT Security specific monitoring tools (e.g. Dragos, Nozomi, TXOne, Claroty, Armis, Verve, etc.)
• Experience working with clients in a technical professional services role.
• Certified SCADA Security Architect (CSSA)
• GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection)
• ISA/IEC 62443 Cybersecurity Certificates
• Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)
• Cybersecurity certification (e.g., CCNA Security, CEH, CISA, CISM, CCSP, etc.)
• Cyber security regulatory experience (NERC-CIP, TSA, GxP, etc.)
• A working knowledge of industrial automation and control systems (e.g., DCS, PLCs, SCADA, etc.)
• Ability to perform vulnerability / penetration testing in ICS/OT environment, and/or threat hunting
• Prior experience as a Control System Engineer or SCADA Engineer
• Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field

Responsibilities

• Taking inventory of client’s hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks
• Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity framework
• Reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properly
• Deploying network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, etc.), and virtualization solutions
• Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework
• Reviewing administrative, technical, and physical security controls and providing recommendations to mitigate the identified security risks
• Performing vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats (e.g., unsecure remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and providing recommendation to remediate the identified issues
• Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projects
• Travel to the client’s site as required