The position also entails analyzing our product groups' network designs and software implementations as specified for our customer's requirements. This position will ensure that controls are relevant, properly documented, and maintained for associated products and services.
Duties & Responsibilities
- Collaborate internally and externally with business organizations to create solutions meeting our customer needs while minimizing Cyber security risks.
- Guide technical leaders and business functions on OT network architecture, Compliance, and security-related matters.
- Develop, document, and execute cybersecurity execution plans and schedules.
- Triage and address security alerts reported by OT security systems
- Continually develop OT vulnerability and remediation capability to drive faster patching and mitigation cycles
- Evaluate and make recommendations to continuously improve the cybersecurity posture of digital products.
- Analyze network designs and software implementation
- Proactively identify risks and active threats to the OT systems, and applications
- Perform incident response tasks including evidence preservation, forensics, and malware/exploit analysis
- Participate in developing and implementing new products to ensure the design and functionality required to support security and compliance.
- Develop and maintain cyber security technical documentation and guidelines.
- Conduct OT security workshops and awareness training sessions as required.
- Perform other work-related tasks as assigned.
- Comply with all Company and HSE policies and procedures.
- Bachelor's degree in Computer Science, Cyber Security, or related field.
- Security or OT-related certifications are strongly desired. CISSP, CISA, CISM, CRISC, and/or other information security-related certifications also a plus.
- 3 years of work experience in information security or compliance frameworks.
- Knowledge of design, deployment, and assessment of DCS/SCADA systems.
- Experience with PLCs (Allen Bradley, Siemens, Wago), Embedded Windows, Embedded Linux, and RTOS control systems.
- Experience with industrial network protocols such as Modbus, PROFINET, OPC, EtherCAT.
- Experience with Windows Servers, Linux/UNIX, enterprise anti-virus, endpoint security, application whitelisting technologies, SIEM, logging configurations, IDS/IPS, authentication methods, TCP/IP, packet capture, and analysis
- CYBER SECURITY
- COMPUTER SCIENCE
- INTERNETSECURITY
- PROFINET
- OPC
- ETHERCAT