HOME > CARIERE > DESCRIERE POZIȚIE

OT Cybersecurity Engineer

Alătură-te echipei noastre! Urmează-ți propria carieră.

Titlu poziție

OT Cybersecurity Engineer

Locație

Vadu

Tipul de activitate

Permanent

Data postării

23 martie 2023

Descriere poziție

JOB SCOPE

OT Cybersecurity Engineer support Operations in assessing, improving, and maintaining the cybersecurity posture of their ICS/OT environments to mitigate security risks (e.g., insider and external threats, intentional and accidental).

RESPONSIBILITIES

  • Auditing ICS/OT environments and performing risk/vulnerability assessments.
  • Developing specific cybersecurity roadmaps that prioritize the remediation of cyber threats, based on the likelihood of occurrence and magnitude of cost/consequence of a security incident.
  • Creating mitigation plans to remediate vulnerabilities and will provide support during the remediation efforts.
  • Reviewing and developing Industrial Cybersecurity programs, security policies, and plans, and provide guidance to help clients improve their existing OT security programs.
  • Taking inventory of client’s hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks.
  • Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity framework
  • Reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properly
  • Deploying network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, etc.), and virtualization solutions
  • Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework
  • Reviewing administrative, technical, and physical security controls and providing recommendations to mitigate the identified security risks
  • Performing vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats (e.g., unsecure remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and providing recommendation to remediate the identified issues
  • Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projects
  • Liaise with all departments considered on the scope: Operations, Subsurface, Finance.

EDUCATION & QUALIFICATION

Technical knowledge:

  • Certified Information Systems Security Professional (CISSP)
  • Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field
  • Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.)
  • Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.)
  • A minimum of three (3) years “hands on” experience assessing, designing, and implementing ICS/OT network architectures
  • Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architectures and communication technologies
  • Certified SCADA Security Architect (CSSA)
  • GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection)
  • ISA/IEC 62443 Cybersecurity Certificates
  • Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)
  • Cybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.)
  • Understanding of MITRE ATT&CKS for ICS or NERC CIP frameworks
  • Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53)
  • A working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.)
  • Ability to perform vulnerability / penetration testing in ICS/OT environment, and/or threat hunting
  • Prior experience Control System Engineer or SCADA Engineer working in manufacturing environments or power generation facilities
  • Industry experience in Chemical, Semiconductor, Water & Wastewater, Refining, Pulp and Paper, Oil/Gas Pipeline, Power Generation, Electrical Transmission & Distribution, Material Handling, and/or Packaging

Terms and conditions:

  • Duration: Permanent
  • Location: Gas Treatment Plant Vadu

If interested and qualified, please upload your CV in the form below by April 7th, 2023.

Trimite-ne CV -ul tău!

Trimite-ne CV -ul tău!


    În calitate de angajator, trebuie să colectăm și să păstrăm datele despre dvs. pentru a ne permite să procesăm solicitarea dvs. de angajare. Regulamentul privind protecția datelor cu caracter UE personal instituie o obligație suplimentară pentru angajatori de a informa potențialii angajați cu privire la cum și de ce colectăm datele dvs., cu le folosim și cât timp le păstrăm.
    Vă rugăm să petreceți câteva minute pentru a citi politica noastră de confidențialitate privind recrutarea.
    Ne-ar plăcea să  avem consimțământul dvs. pentru a deține date personale despre dvs. astfel încât să vă putem procesa solicitarea dvs. de angajare.

    Doar fișierele .pdf, .doc și .docx sunt permise. Maxim 2Mb

    © 2022 Black Sea Oil & Gas Copyright | Make a complaint

    Follow us: