This is an exciting opportunity to lead, influence and execute on ICS security engagements in national critical infrastructure and/or mission critical environments, often having a direct impact on improving security across multiple critical infrastructure industries. In this role you will perform security assessments in manufacturing, utilities, oil and gas, and other ICS environments. Responsibilities include helping clients access their security posture, recommend improvements and implementing those solutions. Assessments include security frameworks, existing security measures and alignment with best practices. In addition, you’ll perform testing against ICS devices, networks and security control mechanisms. This includes testing on devices used in the field as well as future deployment devices, and investigation of device ecosystem and monitoring.
Nice to Have’s:
- 2-5 years’ experience in ICS security assessments
- Previous experience assessing against standards and frameworks including DOE C2M2, IEC-62243/ISA-99, NIST CSF, NERC CIP, etc.
- Experience working with ICS technologies and/or environments. Examples include: SCADA, DCS, PCN, RTUs, IACS, PLCs, HMIs, etc.
- Familiarity with cybersecurity functions including vulnerability assessment and management processes, identity and access management in ICS environments, incident response and monitoring, etc.
- Knowledge of common ICS protocols and technologies.
- Author detailed reports based on security assessments and recommendations with ability to present findings to non-technical executive staff
- Bachelor’s Degree in a related field or equivalent relevant work experience.
- Authorized to work in the US and willingness to undergo a background check.
- Travel: 20% average (up to 50% during peak times), some international, mostly domestic
What’s in It for You?
- Previous experience providing consulting services to Fortune / Global 1000 clients and/or domain experience within relevant industry verticals such as Oil and Gas, Utilities, Manufacturing, etc.
- Relevant certifications (CISSP, GICSP, GRID, GCIP, etc.).
- Experience performing reverse engineering of embedded devices and/or industrial protocols.
- Familiarity with scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Experience designing, organizing, and executing security assessments and testing.
- Experience developing proposals, SOW’s, and general content to support business capture
- Master’s Degree in a relevant field of study
- All Cyber, all the time. We specialize in Cyber security so that’s where you’ll focus your time.
- Keep your skill set fresh and up to date. You’ll work with a variety of our clients, in different industries, all with different challenges. No two assignments will be the same.
- 70% remote/virtual work within the Continental US.