Templar Shield is working with a West Coast-based client looking for a Sr. Cybersecurity Engineer with experience in OT and in creating risk assessments. Please see the specs below and contact us if you are interested.
Type: Direct Hire
Travel: Up to 25% (all travel in the U.S. only)
- Assists in developing a comprehensive security program that assesses current security vulnerabilities and researches effective strategies for long-term protection of the company's information technology (IT)/operational technology (OT) systems and data resources.
- Builds, maintains, upgrades, and continuously improves cloud networks and cloud-based systems.
- Performs analysis, design, development, and operation of programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context.
- Serves as primary point-of-contact in reviewing the security configurations of firewalls and other network equipment.
- Researches industry best practices to ensure appropriate products and standards are implemented to protect the company from vulnerabilities and unauthorized access.
- Serves as a primary point of contact in emergency situations for cybersecurity threats. Responses are required during and after normal business hours to identify, assess, and mitigate critical security issues.
- Develops and executes cybersecurity attack simulations, penetration tests, and tabletop exercises to ensure the cybersecurity team is prepared and ready to react in the event of a real incident.
- Prepares briefing materials to present to leadership concerning vulnerabilities, security exposures, risks, and the impact of each to the company.
- Develops and monitors processes for ensuring authorized access to corporate resources, including permission violations, and initiating the revocation of permissions as needed.
- Participates in security reporting and incident management as established by internal policies.
- Ensures compliance with a variety of cybersecurity standards, including North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP), Center for Internet Security (CIS) Controls, and the National Institute of Standards and Technology's (NIST) Cybersecurity Framework (CSF) standards.
- Manages security initiatives within the IT/OT infrastructures and hardening of assigned systems and applications.
- Completes daily administrative tasks, required reporting, and communication with relevant departments regarding security matters.
- Designs, implements, maintains, upgrades, and tunes security solutions.
- Participates in the change management process ensuring all changes have been properly vetted prior to final approval.
- Collaborates cross-functionally with analysts, engineers, and developers to achieve continuous improvement in cyber defense and resilience.
- Possesses the ability to work autonomously, or within the larger cybersecurity team depending on the assignment and requirements.
- Typically requires a bachelor's degree, computer science or related field preferred, with a minimum of 8 years of IT experience; 4+ years of dedicated work delivering cybersecurity infrastructure support and related services. An internship or apprenticeship is not required but is considered a plus.
- Advanced security certifications such as: CCNP Security: Cisco Certified Network Professional Security, SSCP: Systems Security Certified Practitioner, CISSP: Certified Information Systems Security Professional, CISA: Certified Information Systems Auditor, CISM: Certified Information Security Manager, GCFA: GIAC Certified Forensic Analyst, GCIH: GIAC Certified Incident Handler, CEH: Certified Ethical Hacker, OSCP: Offensive Security Certified Professional, and CCA: Certified Cloud Architect
- Employer will accept any suitable combination of education, training or experience.
- Experience with operational technology (OT)/industrial control system (ICS) protocols and computing environments, to include common security methodologies in this area.
- Experience operating and maintaining Windows, Linux, and OSX systems.
- Experience managing security tools in public and/or private cloud environments.
- Experience interpreting security and technical requirements into business requirements and communicating security risks to relevant stakeholders ranging from business leaders to engineers.
- Experience with and knowledge of hardware and software, networks, data centers, systems and other areas related to cybersecurity.
- Experience with bash, C++, Python and/or PowerShell.
- Experience implementing and managing firewalls and security software (e.g., security incident event manager (SIEM), email security gateway, endpoint security solutions).
- Understanding and experience with systems automation platforms and technologies.
- Experience implementing data loss prevention (DLP) and data protection solutions.
- Exceptional work ethic and time management skills.
- Strong communication skills and a commitment to partnering with IT and business peers.
- Attention to detail, critical thinking skills, the ability to think strategically and tactically, and adeptness at problem solving and addressing issues and complications before they expand.