Logo
The company name is "Not Available".

ICS/OT-Cybersecurity Engineer/Network Security Engineer - Memphis Job at The com

The company name is "Not Available"., Memphis, TN, United States


ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers Support clients in assessing, improving, and maintaining the cybersecurity posture of their ICS/OT environments to mitigate security risks (e.g., insider and external threats, intentional and accidental).This position’s responsibilities include the audit of ICS/OT environments and performing risk/vulnerability assessments. This role also includes developing client-specific cybersecurity roadmaps that prioritize the remediation of cyber threats, based on the likelihood of occurrence and magnitude of cost/consequence of a security incident. This position will create mitigation plans for clients to remediate vulnerabilities and will provide support during the remediation efforts. ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers assist in reviewing and developing Industrial Cybersecurity programs, security policies, and plans, and provide guidance to help clients improve their existing OT security programs.ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers demonstrate:High integrityA willingness to go beyond the ordinary to meet and exceed client expectationsA desire for continual challenge and developmentExcellent written and verbal communication skillsReports to: Cybersecurity LeadJOB QUALIFICATIONS Responsibilities for this job include but are not limited to:Taking inventory of client’s hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risksReviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity frameworkReviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properlyDeploying network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, etc.), and virtualization solutionsReviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity frameworkReviewing administrative, technical, and physical security controls and providing recommendations to mitigate the identified security risksPerforming vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats (e.g., unsecure remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and providing recommendations to remediate the identified issuesCreating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projectsTravel to the client’s site as requiredRequired ExperienceCertified Information Systems Security Professional (CISSP)Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific/technical fieldStrong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.)Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.)A minimum of three (3) years “hands-on” experience assessing, designing, and implementing ICS/OT network architecturesDemonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architectures and communication technologiesIdeal ExperienceCertified SCADA Security Architect (CSSA)GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection)ISA/IEC 62443 Cybersecurity CertificatesCybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.)Understanding of MITRE ATT&CKS for ICS or NERC CIP frameworksUnderstanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53)A working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.)Ability to perform vulnerability/penetration testing in ICS/OT environment, and/or threat huntingPrior experience as Control System Engineer or SCADA Engineer working in manufacturing environments or power generation facilitiesCertified professional engineerIndustry experience in Food and Beverage, Chemical, Pharma, Semiconductor, Water & Wastewater, Refining, Pulp and Paper, Oil/Gas Pipeline, Power Generation, Electrical Transmission & Distribution, Material Handling, and/or Packaging#J-18808-Ljbffr