logo

View all jobs

ICS/SCADA Cybersecurity Consultant

San Diego OR Los Angeles, CA
ICS/SCADA Security Engineer
 
Job Requirements:
  • Ability to provide technical direction and act as a subject matter expert as it relates to cybersecurity in industrial control systems (Distributed Control Systems specifically)
  • Ability to technically evaluate cybersecurity technologies and provide feasibility assessments
  • Ability to write clear system requirements and test plans
  • Identify security issues and risks, and develop mitigation plans
  • Architect, design, implement, support, and evaluate security-focused tools and services while acting as the Information Security project lead
  • Interpret information security vulnerabilities, risks, policies, and procedures to the Business lines and IT teams
  • Perform Security Risk Assessments on large and medium programs and projects
  • Experience with security frameworks such as NIST 800-53r4, NISTIR 7628
  • Evaluate and recommend new and emerging security products and technologies
  • Participate in projects that develop new intellectual property and ensure security policies, requirements, best practices, etc. are applied
  • Evangelize security within Company and be an advocate for customer trust
Qualifications:
  • At least 5 years of Information Security experience
  • At least 2 years of experience working with industrial control systems (ICS) in some form
  • At least 2 years of experience in Information Security Engineering, Auditing, or Architecture
  • Experience with Distributed Control Systems (DCS) is highly desired.
  • Experience working in the Gas/Oil/Energy sector is a big plus.
  • MS in Computer Science or equivalent desired
  • Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP,
  • HTTPS, routing protocols)
  • Knowledge of common SSL, hashing, and symmetric encryption, especially in Java and .Net environments
  • Ability to create and review network design and architecture patterns
  • Able to articulate risk modeling and able to communicate technical concepts in simple terms both verbally and in written reports
  • Experience with service-oriented architecture and web services security desired
  • Experience with the application of threat modeling or other risk identification techniques
  • Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits is desired
  • Results oriented, high energy, self-motivated is required
  • Excellent written and verbal communication skills is required
  • Excellent leadership skills and teamwork skills is required
More Openings
GRC Archer Developer
Third Party Risk Analyst
Third Party Risk Lead
Third Party Risk Analyst
Third Party Risk Lead
Share This Job
Powered by