Control System Security Engineer, Mid

Key Role:

Join an integrated team of highly skilled engineers and Cybersecurity experts helping to expand a firm’s Industrial Control System (ICS) and Supervisory Control and Data Acquisitions (SCADA) Cybersecurity practice. Apply knowledge of industrial equipment and processes to help develop secure network architecture designs, identify exploitable vulnerabilities that could impact operations, evaluate systems for Cyber risks and remediation activities, and design and implement industrial Cybersecurity monitoring solutions. Work both remotely and onsite government facilities. Travel to client facilities to perform activities including, implementing Cybersecurity solutions and performing security assessment activities, such as physical security walks, observations, and technical configuration reviews. This position will requirement moderate travel based on client and project needs.

Basic Qualifications:

  • 5+ years of experience with Cybersecurity or IT
  • 2+ years of experience with performing onsite Cybersecurity assessments using standards, including the Risk Management Framework (RMF), Cybersecurity Framework (CSF), and NIST SP 800-82
  • Experience with analyzing vulnerability and security risk assessment tool results, including DoD SCAP or Nessus
  • Experience in evaluation risk management, vulnerability assessments, security assessments, strategy and program development, network architecture designs, and monitoring solutions
  • Knowledge of information security and assurance principles and supporting technologies, including defense-in-depth
  • Top Secret clearance
  • BA or BS degree
  • IAM Level II or IASAE Level II Certification, including CAP, CASP+ CE, CISM, CISSP, CSSLP, or GSLC
  • Microsoft Certified Solutions Expert (MCSE),  Windows Server 2008, or MCSE Windows Server 2012

Additional Qualifications:

  • Experience with various vendors and types of ICS and SCADA equipment, including PLCs, HMIs, and VFDs
  • Experience with common industrial network protocols, including Modbus and EthernetIP
  • Knowledge of how to install, setup, and modify PLC and operator interface (HMI) systems software for upgrades, additions, and to resolve issues
  • Knowledge of automation or control systems programming software
  • Ability to demonstrate proficiency in working quickly, efficiently, and accurately in a dynamic and fluid environment
  • Certified Information Technology Professional - Enterprise Administrator (EA), MCITP: Server Administrator (SA), Microsoft Certified Master: Windows Server (WS) 2008 or higher, Microsoft Certified Architect (MCA): Microsoft Windows Server Directory, or Global Information Assurance Certification (GAIC): Certified Windows Security Administrator (GCWIN)

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

#LI-AH1, CJ1

Not ready to apply? Join our talent community and sign up for job alerts.