ICS/SCADA Cybersecurity Consultant

Location: San Diego, CA
Date Posted: 08-28-2017
  • ICS/SCADA Security Engineer
  • San Diego, CA
Job Requirements:
  • Ability to provide technical direction and act as a subject matter expert as it relates to cybersecurity in industrial control systems (Distributed Control Systems specifically)
  • Ability to technically evaluate cybersecurity technologies and provide feasibility assessments
  • Ability to write clear system requirements and test plans
  • Identify security issues and risks, and develop mitigation plans
  • Architect, design, implement, support, and evaluate security-focused tools and services while acting as the Information Security project lead
  • Interpret information security vulnerabilities, risks, policies, and procedures to the Business lines and IT teams
  • Perform Security Risk Assessments on large and medium programs and projects
  • Experience with security frameworks such as NIST 800-53r4, NISTIR 7628
  • Evaluate and recommend new and emerging security products and technologies
  • Participate in projects that develop new intellectual property and ensure security policies, requirements, best practices, etc. are applied
  • Evangelize security within Company and be an advocate for customer trust
Qualifications:
  • At least 5 years of Information Security experience
  • At least 2 years of experience working with industrial control systems (ICS) in some form
  • At least 2 years of experience in Information Security Engineering, Auditing, or Architecture
  • Experience with Distributed Control Systems (DCS) is highly desired.
  • Experience working in the Gas/Oil/Energy sector is a big plus.
  • MS in Computer Science or equivalent desired
  • Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP,
  • HTTPS, routing protocols)
  • Knowledge of common SSL, hashing, and symmetric encryption, especially in Java and .Net environments
  • Ability to create and review network design and architecture patterns
  • Able to articulate risk modeling and able to communicate technical concepts in simple terms both verbally and in written reports
  • Experience with service-oriented architecture and web services security desired
  • Experience with the application of threat modeling or other risk identification techniques
  • Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits is desired
  • Results oriented, high energy, self-motivated is required
  • Excellent written and verbal communication skills is required
  • Excellent leadership skills and teamwork skills is required
or
this job portal is powered by CATS