Clark Creative Solutions LLC

Journeyman Cybersecurity Analyst

Clark Creative Solutions LLC, Port Hueneme, California, United States, 93041


We are seeking a Building Automations Analyst (Journeyman)

Clearance: Secret

Location: Pt. Hueneme, Ventura County

Schedule: Onsite in Pt. Hueneme, with flexibility based on mission support requirements

LCAT Level: Journeyman IT Analyst

Position Description

The Defensive Cyber team is responsible for the analysis of all technology devices, which may include Operational Technology (OT) and Industrial Control Systems (ICS), within the enterprise. This includes analysis of device communication, investigation of systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, configuration implementation, and malware identification/triage.

An ideal candidate for this position will be a proactive self-starter who possesses a high school diploma or GED and has at least five years of experience in installing, troubleshooting, or commissioning building automation controllers or mechanical systems. They should have exposure to control software development or maintenance and be proficient in reading and interpreting control diagrams as well as mechanical and electrical drawings. Excellent verbal and written communication skills are essential. The role requires a willingness to travel and a desire to learn new Information Technology (IT) skills that are not typical in a traditional building automation role and may include cyber security standards, cyber defense tools, cyber analytics and analysis.

Responsibilities for this position include:

- Engineering support, investigating building automation systems and communications, configuring and programming controllers, acting as a technical resource, providing training on energy management solutions and products, conducting system surveys, preparing technical documentation, and troubleshooting issues related to control software and diagnosing controls, electrical, and mechanical systems with a focus on cyber security
- Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates incident response and threat hunting activities
- Manage data from the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices
- Provide subject matter expertise in the installation, commissioning, and troubleshooting of building automation systems; contribute to technical training and documentation with the cyber team; and deliver tier 2 technical support for internal and external users of the platform
- Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions
- Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency
- Conduct comprehensive technical analyses of computer evidence, research and integrate security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences

Qualifications

- At least 3-5 years of experience (Journeyman) in building automation services and tools, demonstrating the ability to troubleshoot complex configurations and perform system analysis
- Proficiency and experience with installing, troubleshooting, or commissioning building automation controllers or mechanical systems
- Applied knowledge of network topologies and protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and an understanding of, or willingness to learn, tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center, and log collectors
- Exposure to control software development or control software maintenance
- Capable of troubleshooting issues, including identifying bugs in control software and diagnosing controls, electrical, and mechanical systems

Desired Skill sets

- Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)
- Strong analytical and troubleshooting skills
- Able to provide expert content development in Splunk Enterprise Security using tstats and data models
- Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances
- Experience in other tools and communication languages as applicable, such as BACnet, Modbus, SCADA systems, PPCL and PCAP
- Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
- Knowledge of engineering fundamentals, HVAC, mechanical, and electrical systems

Certifications in an equivalent and relevant topic may be considered.