Cybersecurity Engineer – ICS/OT

at EDF Renewables
Location San Diego, CA
Date Posted September 8, 2021
Category Default
Job Type Full-time

Description

EDF Renewables North America, a subsidiary of EDF Renewables, is a leading North American independent power producer boasting over 30 years of experience across a broad spectrum of services. Our mission is to deliver renewable solutions to lead the transition to a sustainable energy future.


Scope of Job: 

As an Industrial Control Systems (ICS) / Operational Technology (OT) Cybersecurity Engineer, you will be responsible for implementing and monitoring cybersecurity solutions in support of wind, solar, and like renewable energy operations. This includes serving as a primary contributor providing operational support for risk management, regulatory compliance, and policy implementation. Qualified candidates must have the ability to complete key responsibilities of this role, which include:

 

  • Assists in developing a comprehensive security program that assesses current security vulnerabilities and researches effective strategies for long-term protection of the company's information technology (IT)/operational technology (OT) systems and data resources.
  • Develop solutions to enhance visibility and governance of the converged ICS/OT and IT environments.
  • Visit site locations to understand critical processes and work with local experts to reduce cybersecurity and IT-related operational risk.
  • Conduct risk assessments, reviews, testing, implementation of policy and procedures, operational maintenance, solution deployments, and system integration implementations (remote and on-site testing).
  • Builds, maintains, upgrades, and continuously improves cloud networks and cloud-based systems.
  • Analysis, design, development, and operation of programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context.
  • Research industry best practices to ensure appropriate products and standards are implemented to protect the company from vulnerabilities and unauthorized access.
  • Serves a primary point of contact in emergency situations for cybersecurity threats. Responses are required during and after normal business hours to identify, assess and mitigate critical security issues.
  • Develops and executes cybersecurity attack simulations, penetration tests, and tabletop exercises to ensure the cybersecurity team is prepared and ready to react in the event of a real incident.
  • Prepares briefing materials to present to leadership concerning vulnerabilities, security exposures, risks, and the impact of each to the company.
  • Participates in security reporting and incident management as established by internal policies.
  • Ensures compliance with a variety of cybersecurity standards including North American Electric Reliability Corp (NERC) Critical Infrastructure Protection (CIP), Center of Information Security (CIS) Controls, and National Institute of Technology's (NIST) Cyber Security Framework (CSF) standards.
  • Manages security initiatives within the IT/ICS/OT infrastructures and hardening of assigned systems and applications.
  • Completes daily administrative tasks, required reporting, and communication with relevant departments regarding security matters.
  • Design, implement, maintain, upgrade, and tune security solutions.
  • Participates in the change management process ensuring all changes have been properly vetted prior to final approval.
  • Collaborates cross-functionally with analysts, engineers, and developers to achieve continuous improvement in cyber defense and resilience.
  • Possesses the ability to work autonomously, or within the larger cybersecurity team depending on the assignment and requirements.

Qualifications: 


Education/Experience –

  • Typically requires a bachelor’s degree in Computer Engineering, Computer Science, or other IT related discipline or relevant work experience.
  • 4 years of relevant working experience with the implementation, deployment, and securing of IT systems and solutions.
  • 4 years of dedicated experience securing in the ICS/OT security environment.
  • Preference will be given for advanced security certifications such as: CCNP Security: Cisco Certified Network Professional Security, SSCP: Systems Security Certified Practitioner, CISSP: Certified Information Systems Security Professional, CISA: Certified Information Systems Auditor, CISM: Certified Information Security Manager, GCFA: GIAC Certified Forensic Analyst, GCIH: GIAC Certified Incident Handler, CEH: Certified Ethical Hacker, OSCP: Offensive Security Certified Professional, and CCA: Certified Cloud Architect

Skills/Knowledge/Abilities –

  • Experience with operational technology (OT)/industrial control system (ICS) protocols and computing environments, to include common security methodologies in this area.
  • Knowledge of OT network protocols (e.g., RS-232, Modbus, OPC, DNP3).
  • Understanding of the Purdue model.
  • Experience performing IT/OT security audits/assessments.
  • Experience with security control frameworks such as NIST SP 800-53, 20 Critical Controls, or ISO 27002.
  • Experience supporting compliance mandates and frameworks such as ISO, NERC CIP, NIST.
  • Experience in troubleshooting system integration issues and working with security, network, and ICS technologies to implement secure solutions.
  • Experience operating and maintaining Windows, Linux, and OSX systems.
  • Experience managing security tools in public, private and/or private cloud environments.
  • Experience interpreting security and technical requirements into business requirements and communicating security risks to relevant stakeholders ranging from business leaders to engineers.
  • Experience with and knowledge of hardware and software, networks, data centers, systems and other areas related to cybersecurity.
  • Experience with bash, C++, Python and/or PowerShell.
  • Experience implementing and managing firewalls and security software (e.g., security incident event manager (SIEM), email security gateway, endpoint security solutions).
  • Understanding and experience with systems automation platforms and technologies.
  • Experience implementing data loss prevention (DLP) and data protection solutions.
  • Exceptional work ethic and time management skills
  • Strong communication skills and a commitment to partnering with IT and business peers.
  • Attention to detail, critical thinking skills, the ability think strategically and tactically, adept at problem solving and addressing issues and complications before they expand.

Working Conditions:

  • The preferred candidate will be local and either in the office daily or at least 75% of the time; or telecommuting where they will be expected in the office less than 30% of the time. Full-time remote is acceptable for highly qualified applicants.
  • The work day is usually Monday-Friday, but there is a rotational on-call that requires work to be performed evenings, weekends, and holidays. Additionally, large scale projects and major cybersecurity incidents may require extended hours.
  • The bulk of time is spent utilizing computers (frequent use of various Microsoft software/programs), phones, and general office equipment.
  • There is the possibility of travel outside of the office visiting generation sites, in addition to attending various conferences and meetings.


Fiscal Responsibilities:

Budget responsibility in conjunction with the coordination and justification of external resources to support information security efforts.  This position will adhere to an annual budget which encompasses all required business activities including but not limited to hiring contractors, business travel, attending conferences, and purchasing/renewing software licenses.  

We are proud to be an EEO/AA employer M/F/D/V. We maintain a drug-free workplace and perform pre-employment substance abuse testing.

Drop files here browse files ...