Vantage Point Consulting Inc.
NW Analyst & Security Analyst
Vantage Point Consulting Inc., Chesterfield, Missouri, United States, 63005
Role Title: Network Analyst - Programmable Logic Controller
Hybrid, with some travel required
Main Accountabilities Day to day service delivery and operational support (L1 to L3) Provide technical Support to Service Desks and 3rd party suppliers for incidents, problems and changes related to in-scope environment. Manage day to day service delivery and operational support with 3rd party suppliers and consultants (vendor relationship management) Design, Document, implement and support IT Network & Security architecture and solutions complying to Information Security Policies and internal IT Directives Follow-up on IT Network & Services remediation plans Support projects and related activities as IT Network and/or Security subject matter expert. Analyze technology industry and market trends and determines potential impact upon the enterprise. Development of Standard Operating Procedures Knowledge, Skills, and Experience
10 plus years of IT work experience in multinational environment Results oriented and strong track-record for on time delivery of projects and development of new IT solutions. Experience in documentation and designing. Expertise in Network and Security technologies and architecture design
SD-WAN and WAN Op (Cisco Meraki, Riverbed SteelConnect + Riverbed SteelHead) Cisco WAN, LAN & WLAN (Switching, routing, DNA center, WLC...) Security and proxy (Checkpoint Firewall, F5, Zscaler cloud) OT-IT Segmentation on industrial / plant & production environment Cloud and Hybrid Cloud (GCP, AWS, Azure) Remote access (Azure AVD, Microsoft AOVPN)
Excellent knowledge on Network and Security technology vendors (Cisco, Meraki, Checkpoint, F5, Riverbed) and relevant equipment market, with vendor management best practices Strong knowledge of ITIL and IT governance best practices English (fluent), another language is a plus Network and Security certifications (Cisco, Checkpoint, Riverbed, F5) a plus Strong Communications Skills Operating in a strong team environment International travel might be required. Teamwork spirit and excellent communication skills
Overview: The Network & Security Analyst - PLC plays a crucial role in ensuring the security and reliability of Client's industrial control systems (ICS) and programmable logic controllers (PLCs). This individual demonstrates a high level of professionalism, prioritizing the protection of critical infrastructure and data. Responsibilities include: o Designing, implementing, and maintaining network and security architectures for ICS and PLCs o Conducting vulnerability assessments and penetration testing to identify and mitigate security risks o Monitoring and analyzing network traffic to detect and respond to security incidents o Developing and implementing security policies and procedures to ensure compliance with industry standards and regulations o Collaborating with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security
Essential Functions:
Main Accountabilities: o Network and Security Architecture: Design, implement, and maintain network and security architectures for ICS and PLCs, considering factors such as scalability, reliability, and security best practices. o Vulnerability Assessment and Penetration Testing: Conduct vulnerability assessments and penetration testing to identify and mitigate security risks in ICS and PLC environments. o Network Traffic Monitoring and Analysis: Monitor and analyze network traffic to detect and respond to security incidents, including unauthorized access attempts, malware infections, and denial-of-service attacks. o Security Policy and Procedure Development: Develop and implement security policies and procedures to ensure compliance with industry standards and regulations, such as IEC 62443 and NERC CIP. o Cross-Functional Collaboration: Collaborate with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security, considering operational requirements and technical constraints.
Impact/Dimensions: o Strategic Impact: The Network & Security Analyst - PLC plays a critical role in protecting Client's critical infrastructure and data, ensuring the continuity of operations and minimizing the risk of financial and reputational damage. o Annual Budget: Contributes to the overall cybersecurity budget, which is in the millions of dollars. o Number of Employees Supervised: May supervise a team of junior security analysts or engineers.
Key Performance Indicators (KPIs): o Number of security incidents detected and resolved o Percentage of successful vulnerability assessments and penetration tests o Compliance with industry standards and regulations o Mean time to detect and respond to security incidents o Employee satisfaction with security awareness training
Major Opportunities and Decisions: o Identifying and prioritizing security risks in ICS and PLC environments o Balancing security requirements with operational needs o Making recommendations for security investments and improvements o Responding to and managing security incidents o Staying up-to-date with the latest security trends and technologies
Management/Leadership: o Demonstrates leadership in the area of network and security for ICS and PLCs o Provides guidance and mentorship to junior security analysts or engineers o Collaborates effectively with cross-functional teams to influence decisions and drive security initiatives o Communicates effectively with technical and non-technical audiences about security risks and solutions
Key Relationships, Stakeholders & Interfaces (External & Internal): o Internal: Operations, engineering, IT, senior management o External: Cybersecurity vendors, industry associations, regulatory bodies
Knowledge and Technical Competencies: o Strong understanding of network and security concepts, protocols, and technologies o Experience with ICS and PLC security, including IEC 62443 and NERC CIP o Proficiency in vulnerability assessment and penetration testing tools and techniques o Knowledge of security policies and procedures, risk management, and incident response o Excellent communication and interpersonal skills o Ability to work independently and as part of a team
Education/Experience: o Bachelor's degree in computer science, information technology, or a related field o 5+ years of experience in network and security, with a focus on ICS and PLC security o Experience with vulnerability assessment and penetration testing o Certifications in security-related disciplines, such as CISSP, CISM, or CEH, are desirable
Main Accountabilities Day to day service delivery and operational support (L1 to L3) Provide technical Support to Service Desks and 3rd party suppliers for incidents, problems and changes related to in-scope environment. Manage day to day service delivery and operational support with 3rd party suppliers and consultants (vendor relationship management) Design, Document, implement and support IT Network & Security architecture and solutions complying to Information Security Policies and internal IT Directives Follow-up on IT Network & Services remediation plans Support projects and related activities as IT Network and/or Security subject matter expert. Analyze technology industry and market trends and determines potential impact upon the enterprise. Development of Standard Operating Procedures Knowledge, Skills, and Experience
10 plus years of IT work experience in multinational environment Results oriented and strong track-record for on time delivery of projects and development of new IT solutions. Experience in documentation and designing. Expertise in Network and Security technologies and architecture design
SD-WAN and WAN Op (Cisco Meraki, Riverbed SteelConnect + Riverbed SteelHead) Cisco WAN, LAN & WLAN (Switching, routing, DNA center, WLC...) Security and proxy (Checkpoint Firewall, F5, Zscaler cloud) OT-IT Segmentation on industrial / plant & production environment Cloud and Hybrid Cloud (GCP, AWS, Azure) Remote access (Azure AVD, Microsoft AOVPN)
Excellent knowledge on Network and Security technology vendors (Cisco, Meraki, Checkpoint, F5, Riverbed) and relevant equipment market, with vendor management best practices Strong knowledge of ITIL and IT governance best practices English (fluent), another language is a plus Network and Security certifications (Cisco, Checkpoint, Riverbed, F5) a plus Strong Communications Skills Operating in a strong team environment International travel might be required. Teamwork spirit and excellent communication skills
Overview: The Network & Security Analyst - PLC plays a crucial role in ensuring the security and reliability of Client's industrial control systems (ICS) and programmable logic controllers (PLCs). This individual demonstrates a high level of professionalism, prioritizing the protection of critical infrastructure and data. Responsibilities include: o Designing, implementing, and maintaining network and security architectures for ICS and PLCs o Conducting vulnerability assessments and penetration testing to identify and mitigate security risks o Monitoring and analyzing network traffic to detect and respond to security incidents o Developing and implementing security policies and procedures to ensure compliance with industry standards and regulations o Collaborating with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security
Essential Functions:
Main Accountabilities: o Network and Security Architecture: Design, implement, and maintain network and security architectures for ICS and PLCs, considering factors such as scalability, reliability, and security best practices. o Vulnerability Assessment and Penetration Testing: Conduct vulnerability assessments and penetration testing to identify and mitigate security risks in ICS and PLC environments. o Network Traffic Monitoring and Analysis: Monitor and analyze network traffic to detect and respond to security incidents, including unauthorized access attempts, malware infections, and denial-of-service attacks. o Security Policy and Procedure Development: Develop and implement security policies and procedures to ensure compliance with industry standards and regulations, such as IEC 62443 and NERC CIP. o Cross-Functional Collaboration: Collaborate with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security, considering operational requirements and technical constraints.
Impact/Dimensions: o Strategic Impact: The Network & Security Analyst - PLC plays a critical role in protecting Client's critical infrastructure and data, ensuring the continuity of operations and minimizing the risk of financial and reputational damage. o Annual Budget: Contributes to the overall cybersecurity budget, which is in the millions of dollars. o Number of Employees Supervised: May supervise a team of junior security analysts or engineers.
Key Performance Indicators (KPIs): o Number of security incidents detected and resolved o Percentage of successful vulnerability assessments and penetration tests o Compliance with industry standards and regulations o Mean time to detect and respond to security incidents o Employee satisfaction with security awareness training
Major Opportunities and Decisions: o Identifying and prioritizing security risks in ICS and PLC environments o Balancing security requirements with operational needs o Making recommendations for security investments and improvements o Responding to and managing security incidents o Staying up-to-date with the latest security trends and technologies
Management/Leadership: o Demonstrates leadership in the area of network and security for ICS and PLCs o Provides guidance and mentorship to junior security analysts or engineers o Collaborates effectively with cross-functional teams to influence decisions and drive security initiatives o Communicates effectively with technical and non-technical audiences about security risks and solutions
Key Relationships, Stakeholders & Interfaces (External & Internal): o Internal: Operations, engineering, IT, senior management o External: Cybersecurity vendors, industry associations, regulatory bodies
Knowledge and Technical Competencies: o Strong understanding of network and security concepts, protocols, and technologies o Experience with ICS and PLC security, including IEC 62443 and NERC CIP o Proficiency in vulnerability assessment and penetration testing tools and techniques o Knowledge of security policies and procedures, risk management, and incident response o Excellent communication and interpersonal skills o Ability to work independently and as part of a team
Education/Experience: o Bachelor's degree in computer science, information technology, or a related field o 5+ years of experience in network and security, with a focus on ICS and PLC security o Experience with vulnerability assessment and penetration testing o Certifications in security-related disciplines, such as CISSP, CISM, or CEH, are desirable