|Date Posted||July 11, 2019|
The OT Cybersecurity Professional will operate within our industrial control system and operating technology environments to advise and assist with the establishment and enhancement of Cybersecurity postures. This position will be a trusted subject matter expert in developing OT Cybersecurity architectures, guiding and developing Cybersecurity postures, and being a resource to ensure the company is protecting process critical operating technology.
- 8+ years of cybersecurity experience, at least 3 of which were spent securing critical infrastructure/ ICS, OT; to include DCS, PCS, SCADA systems, PLCs, RTUs, etc.
- Ability to apply skills across a broad range of cybersecurity domains (i.e. Network, Endpoint, Application, Encryption, User Access)
- Experience with Oil and Gas, Energy and Building/Facility Management Systems
- Familiarity with ICS-related communications protocols (e.g., MODBUS, DNP3, S7, etc.)
- Experience securing cross-domain IT/OT communications and pathways to/from Business Networks, third parties, and wide area ICS/OT networks
- Highly competent in zone and conduit architectures and cybersecurity approaches
- Experience engineering security solutions for real-time and/or performance-sensitive systems
- Understanding of time delayed communications & networks
- Experience creating Functional Design Specifications and Detailed Design Specifications
- Highly proficient with Microsoft Visio and documenting ICS/OT infrastructures
- Experience completing cybersecurity assessments based on frameworks such as NIST 800- 53/800-82, IEC 62433, API 1164, RG 5.71, NEI 08-09, ISA, etc.
- Experience designing and conducting Facility and Security Site Acceptance Testing
- Experience applying application whitelisting solutions and other security tools in ICS environments
- Working knowledge of system security design process, defense-in-depth/breadth, engineering lifecycle, information domains, cross-domain solutions, identification, authentication, and authorization, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, certification and accreditation process, principles of IA (confidentiality, integrity, non-repudiation, availability, access control), and security testing
- Ability to clearly communicate ideas and explain technical knowledge in business language to management and other stakeholders
- Ability to research and engineer new cybersecurity solutions and write research papers, proposals and presentations
- Understands threat landscape of network-connected ICS technology
- Strong technical writing skills
- Understands fundamentals of technical security risk assessment
EDUCATION & EXPERIENCE:
- A Bachelor's degree is preferred from an accredited college or university in Computer Science, Information Technology, Cybersecurity, Electrical Engineering or a related discipline.
- Eight (8) years of experience in managing and developing Information Security and/or other technology teams is preferred. GICSP, CISSP, ISA, CCNA, CCNA-Security certifications are strongly preferred.
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178