Industrial Control Systems (ICS) CyberSecurity Senior Engineer

Roles & Responsibilities:

• Contribute to project team efforts as the network architecture/cyber security engineer both in the office onsite and at nuclear power generation sites.
• Conduct moderately complex network architecture & cyber security analysis, product configuration, integration testing and troubleshoot difficult problems.
• Create asset lists including software and firmware details in support of Cyber security assessments.
• For multiple ongoing projects, provide network and system specification documentation deliverables to address cybersecurity vulnerabilities and the security controls necessary to mitigate the vulnerabilities to an acceptable level of risk.
• Author technical documentation including product configuration/implementation guides, requirements traceability, test plans, test procedures, test reports, and user administration guides.
• Participate in information sharing with internal and external customers including the delivery of presentation material, technical training, and knowledge transfer.
• Identify and assist in the development of new business opportunities including input to project proposals and associated technical descriptions when bidding on new projects.
• Interpret cyber security program policy and support procedure development.
• Perform system administration, network configuration, and virtual environment management (Windows Server and client system administration setup and support expertise).
• Participate in control systems master planning efforts focused on Ovation control system security including application of host-based security products from a centralized server and secure (hardened) configuration of system components.
• Application of Network security including firewalls, data diodes, security information & event management, network intrusion detection.
• Travel up to 25%, typically when deploying systems to the field for installation and commissioning.

Education:

• Technical Bachelor's Degree in Engineering (Electrical or Computer) or Computer Science, Information Sciences and Technology, Cyber Security/ Information Assurance, or similar.

Experience/Requirements:

• Ability to be granted 10 CFR 73.56 Trustworthy and Reliable clearance.
• Minimum of 4 (Prefer 8-10) years of professional experience (engineering, administration, and security of IT/OT).
• Experience performing requirements management or security audit/assessments.
• Experience with common PLC, Scada, DCS platforms (i.e., Emerson Ovation).
• Experience working in an industrial Operational Technology Environment.
• Knowledge of engineering principles and techniques.
• Knowledge in areas such as network design, Windows Domain setup expertise, security and group policy setup.
• Experience with security control frameworks such as NIST 800-53, 20 Critical Controls, ISO 27002, NEI 08-09.
• High level of experience in troubleshooting system integration issues, and working with cyber security, network, and virtualization technologies to implement comprehensive solutions.
• Experience in industrial environments or industrial control systems a plus.

Certifications:

• At least one of the following security certifications from a nationally recognized organization is preferred but not required:
• GIAC Security Essentials Certification (GSEC) or equivalent.
• GIAC Systems and Network Auditor (GSNA), ISACA Certified Information Systems Auditor (CISA) or equivalent.
• Cisco Certified Network Associate: (CCNA).
• Cisco Security Certification: (CCNP).
• ISC2 Certified Information Systems Security Professional (CISSP).
• Other related technical certifications showing areas of expertise from qualified and reputable vendors and certification agencies.

Cyient is an Equal Opportunity Employer. Cyient recruits, employs, trains, compensates, and promotes regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, veteran status, and other protected status as required by applicable law. We are proud to be a diverse and inclusive company where our people can focus their whole self on solving problems that matter.