Vantage Point Consulting Inc.
NW Analyst & Security Analyst
Vantage Point Consulting Inc., Chesterfield, Missouri, United States, 63005
Role Title: Network Analyst - Programmable Logic ControllerHybrid, with some travel required
Main AccountabilitiesDay to day service delivery and operational support (L1 to L3)Provide technical Support to Service Desks and 3rd party suppliers for incidents, problems and changes related to in-scope environment.Manage day to day service delivery and operational support with 3rd party suppliers and consultants (vendor relationship management)Design, Document, implement and support IT Network & Security architecture and solutions complying to Information Security Policies and internal IT DirectivesFollow-up on IT Network & Services remediation plansSupport projects and related activities as IT Network and/or Security subject matter expert.Analyze technology industry and market trends and determines potential impact upon the enterprise.Development of Standard Operating ProceduresKnowledge, Skills, and Experience
10 plus years of IT work experience in multinational environmentResults oriented and strong track-record for on time delivery of projects and development of new IT solutions.Experience in documentation and designing.Expertise in Network and Security technologies and architecture design
SD-WAN and WAN Op (Cisco Meraki, Riverbed SteelConnect + Riverbed SteelHead)Cisco WAN, LAN & WLAN (Switching, routing, DNA center, WLC...)Security and proxy (Checkpoint Firewall, F5, Zscaler cloud)OT-IT Segmentation on industrial / plant & production environmentCloud and Hybrid Cloud (GCP, AWS, Azure)Remote access (Azure AVD, Microsoft AOVPN)
Excellent knowledge on Network and Security technology vendors (Cisco, Meraki, Checkpoint, F5, Riverbed) and relevant equipment market, with vendor management best practicesStrong knowledge of ITIL and IT governance best practicesEnglish (fluent), another language is a plusNetwork and Security certifications (Cisco, Checkpoint, Riverbed, F5) a plusStrong Communications SkillsOperating in a strong team environmentInternational travel might be required.Teamwork spirit and excellent communication skills
Overview:The Network & Security Analyst - PLC plays a crucial role in ensuring the security and reliability of Client's industrial control systems (ICS) and programmable logic controllers (PLCs). This individual demonstrates a high level of professionalism, prioritizing the protection of critical infrastructure and data. Responsibilities include:o Designing, implementing, and maintaining network and security architectures for ICS and PLCso Conducting vulnerability assessments and penetration testing to identify and mitigate security riskso Monitoring and analyzing network traffic to detect and respond to security incidentso Developing and implementing security policies and procedures to ensure compliance with industry standards and regulationso Collaborating with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security
Essential Functions:
Main Accountabilities:o Network and Security Architecture: Design, implement, and maintain network and security architectures for ICS and PLCs, considering factors such as scalability, reliability, and security best practices.o Vulnerability Assessment and Penetration Testing: Conduct vulnerability assessments and penetration testing to identify and mitigate security risks in ICS and PLC environments.o Network Traffic Monitoring and Analysis: Monitor and analyze network traffic to detect and respond to security incidents, including unauthorized access attempts, malware infections, and denial-of-service attacks.o Security Policy and Procedure Development: Develop and implement security policies and procedures to ensure compliance with industry standards and regulations, such as IEC 62443 and NERC CIP.o Cross-Functional Collaboration: Collaborate with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security, considering operational requirements and technical constraints.
Impact/Dimensions:o Strategic Impact: The Network & Security Analyst - PLC plays a critical role in protecting Client's critical infrastructure and data, ensuring the continuity of operations and minimizing the risk of financial and reputational damage.o Annual Budget: Contributes to the overall cybersecurity budget, which is in the millions of dollars.o Number of Employees Supervised: May supervise a team of junior security analysts or engineers.
Key Performance Indicators (KPIs):o Number of security incidents detected and resolvedo Percentage of successful vulnerability assessments and penetration testso Compliance with industry standards and regulationso Mean time to detect and respond to security incidentso Employee satisfaction with security awareness training
Major Opportunities and Decisions:o Identifying and prioritizing security risks in ICS and PLC environmentso Balancing security requirements with operational needso Making recommendations for security investments and improvementso Responding to and managing security incidentso Staying up-to-date with the latest security trends and technologies
Management/Leadership:o Demonstrates leadership in the area of network and security for ICS and PLCso Provides guidance and mentorship to junior security analysts or engineerso Collaborates effectively with cross-functional teams to influence decisions and drive security initiativeso Communicates effectively with technical and non-technical audiences about security risks and solutions
Key Relationships, Stakeholders & Interfaces (External & Internal):o Internal: Operations, engineering, IT, senior managemento External: Cybersecurity vendors, industry associations, regulatory bodies
Knowledge and Technical Competencies:o Strong understanding of network and security concepts, protocols, and technologieso Experience with ICS and PLC security, including IEC 62443 and NERC CIPo Proficiency in vulnerability assessment and penetration testing tools and techniqueso Knowledge of security policies and procedures, risk management, and incident responseo Excellent communication and interpersonal skillso Ability to work independently and as part of a team
Education/Experience:o Bachelor's degree in computer science, information technology, or a related fieldo 5+ years of experience in network and security, with a focus on ICS and PLC securityo Experience with vulnerability assessment and penetration testingo Certifications in security-related disciplines, such as CISSP, CISM, or CEH, are desirable
Main AccountabilitiesDay to day service delivery and operational support (L1 to L3)Provide technical Support to Service Desks and 3rd party suppliers for incidents, problems and changes related to in-scope environment.Manage day to day service delivery and operational support with 3rd party suppliers and consultants (vendor relationship management)Design, Document, implement and support IT Network & Security architecture and solutions complying to Information Security Policies and internal IT DirectivesFollow-up on IT Network & Services remediation plansSupport projects and related activities as IT Network and/or Security subject matter expert.Analyze technology industry and market trends and determines potential impact upon the enterprise.Development of Standard Operating ProceduresKnowledge, Skills, and Experience
10 plus years of IT work experience in multinational environmentResults oriented and strong track-record for on time delivery of projects and development of new IT solutions.Experience in documentation and designing.Expertise in Network and Security technologies and architecture design
SD-WAN and WAN Op (Cisco Meraki, Riverbed SteelConnect + Riverbed SteelHead)Cisco WAN, LAN & WLAN (Switching, routing, DNA center, WLC...)Security and proxy (Checkpoint Firewall, F5, Zscaler cloud)OT-IT Segmentation on industrial / plant & production environmentCloud and Hybrid Cloud (GCP, AWS, Azure)Remote access (Azure AVD, Microsoft AOVPN)
Excellent knowledge on Network and Security technology vendors (Cisco, Meraki, Checkpoint, F5, Riverbed) and relevant equipment market, with vendor management best practicesStrong knowledge of ITIL and IT governance best practicesEnglish (fluent), another language is a plusNetwork and Security certifications (Cisco, Checkpoint, Riverbed, F5) a plusStrong Communications SkillsOperating in a strong team environmentInternational travel might be required.Teamwork spirit and excellent communication skills
Overview:The Network & Security Analyst - PLC plays a crucial role in ensuring the security and reliability of Client's industrial control systems (ICS) and programmable logic controllers (PLCs). This individual demonstrates a high level of professionalism, prioritizing the protection of critical infrastructure and data. Responsibilities include:o Designing, implementing, and maintaining network and security architectures for ICS and PLCso Conducting vulnerability assessments and penetration testing to identify and mitigate security riskso Monitoring and analyzing network traffic to detect and respond to security incidentso Developing and implementing security policies and procedures to ensure compliance with industry standards and regulationso Collaborating with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security
Essential Functions:
Main Accountabilities:o Network and Security Architecture: Design, implement, and maintain network and security architectures for ICS and PLCs, considering factors such as scalability, reliability, and security best practices.o Vulnerability Assessment and Penetration Testing: Conduct vulnerability assessments and penetration testing to identify and mitigate security risks in ICS and PLC environments.o Network Traffic Monitoring and Analysis: Monitor and analyze network traffic to detect and respond to security incidents, including unauthorized access attempts, malware infections, and denial-of-service attacks.o Security Policy and Procedure Development: Develop and implement security policies and procedures to ensure compliance with industry standards and regulations, such as IEC 62443 and NERC CIP.o Cross-Functional Collaboration: Collaborate with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security, considering operational requirements and technical constraints.
Impact/Dimensions:o Strategic Impact: The Network & Security Analyst - PLC plays a critical role in protecting Client's critical infrastructure and data, ensuring the continuity of operations and minimizing the risk of financial and reputational damage.o Annual Budget: Contributes to the overall cybersecurity budget, which is in the millions of dollars.o Number of Employees Supervised: May supervise a team of junior security analysts or engineers.
Key Performance Indicators (KPIs):o Number of security incidents detected and resolvedo Percentage of successful vulnerability assessments and penetration testso Compliance with industry standards and regulationso Mean time to detect and respond to security incidentso Employee satisfaction with security awareness training
Major Opportunities and Decisions:o Identifying and prioritizing security risks in ICS and PLC environmentso Balancing security requirements with operational needso Making recommendations for security investments and improvementso Responding to and managing security incidentso Staying up-to-date with the latest security trends and technologies
Management/Leadership:o Demonstrates leadership in the area of network and security for ICS and PLCso Provides guidance and mentorship to junior security analysts or engineerso Collaborates effectively with cross-functional teams to influence decisions and drive security initiativeso Communicates effectively with technical and non-technical audiences about security risks and solutions
Key Relationships, Stakeholders & Interfaces (External & Internal):o Internal: Operations, engineering, IT, senior managemento External: Cybersecurity vendors, industry associations, regulatory bodies
Knowledge and Technical Competencies:o Strong understanding of network and security concepts, protocols, and technologieso Experience with ICS and PLC security, including IEC 62443 and NERC CIPo Proficiency in vulnerability assessment and penetration testing tools and techniqueso Knowledge of security policies and procedures, risk management, and incident responseo Excellent communication and interpersonal skillso Ability to work independently and as part of a team
Education/Experience:o Bachelor's degree in computer science, information technology, or a related fieldo 5+ years of experience in network and security, with a focus on ICS and PLC securityo Experience with vulnerability assessment and penetration testingo Certifications in security-related disciplines, such as CISSP, CISM, or CEH, are desirable