ICS/OT-Cybersecurity Engineer/Network Security Engineer
LSI - Logical Systems Inc. · Golden, CO · 4 mo ago
Information TechnologyFull-time
About the role
ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers support clients in assessing, improving, and maintaining the cybersecurity posture of their ICS/OT environments to mitigate security risks.
Responsibilities
- Taking inventory of client’s hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks
- Reviewing network architectures and determining if good practices are being followed; and providing recommendations to comply with applicable cybersecurity framework
- Reviewing security products utilized and determining if they are configured properly
- Deploying network infrastructure devices, security appliances, and virtualization solutions
- Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework
- Reviewing administrative, technical, and physical security controls and providing recommendations to mitigate the identified security risks
- Performing vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats; and providing recommendations to remediate the identified issues
- Creating detailed diagrams, procedures, and plans as needed to support projects
- Travel to the client’s site as required
- Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST CSF, NIST 800-53, NIST SP 800-82, CIS, MITRE ATT&CK for ICS)
- Strong understanding of OT network communication protocols (Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (ring, star, etc.)
- A minimum of three (3) years hands-on experience assessing, designing, and implementing ICS/OT network architectures
- Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architectures and communication technologies
- Demonstrated technical skills showing deep understanding of identifying, detecting, preventing, responding to, and recovering from OT/ICS threats and incidents
- Understanding and appreciation of safety while performing job duties in and around industrial environments
- Previous experience in OT Security specific monitoring tools (Dragos, Nozomi, TXOne, Claroty, Armis, Verve, etc.)
- Experience working with clients in a technical professional services role
- Certified SCADA Security Architect (CSSA)
- GIAC certifications (GICSP, GRID, Critical Infrastructure Protection)
- ISA/IEC 62443 Cybersecurity Certificates
- Networking certifications (CCNA, CCNP, JNCIP-ENT, etc.)
- Cybersecurity certification (CCNA Security, CEH, CISA, CISM, CCSP, etc.)
- Cyber security regulatory experience (NERC-CIP, TSA, GxP, etc.)
- A working knowledge of industrial automation and control systems (DCS, PLCs, SCADA, etc.)
- Ability to perform vulnerability / penetration testing in ICS/OT environment, and/or threat hunting
- Prior experience as a Control System Engineer or SCADA Engineer
- Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field
High integrity and technical aptitude, a willingness to go beyond the ordinary to meet and exceed client expectations, a desire for continual improvement and development, excellent written and verbal communication skills.
BenefitsCommutable to a regional LSI office
ScheduleNot specified
PayNot specified