OT Cyber Security Lead

Duties:

• Apply Knowledge Of OT Network Operations, Attacks, Vulnerabilities, And Network Defenses To Evaluate And Support Cyberspace Capabilities.
• Develop And Maintain OT Security Assessment Documentation (I.E., Policies, Plans, Processes, Procedures Etc.).
• Perform Cybersecurity Assessments Across Client’s IT/OT Networks.
• Design And Develop Secure OT Network Architectures.
• Perform Asset Discovery On OT Networks.
• Identify And Prioritize OT Network Vulnerabilities.
• Communicate And Prioritize Assessment Security Findings And Mitigations To Technical And Non-Technical Stakeholders.
• Translate And Explain OT Cybersecurity Principles And Technical Security Requirements To Non-Technical Stakeholders To Facilitate Understanding And Communication.
• Analyze Relevant Documentation And Assessment Techniques For Use In Planning, Design, Execution, And Reporting Of OT Cyberspace Activities.
• Identify, Monitor, Analyze, And Report OT Cyber Intrusion Methods And Events.
• Analyze OT Cybersecurity Solutions To Identify Attack Paths And Recommend Detection And Prevention, Situational Awareness Of Intrusions, Incident Response Actions.
• Conduct System Security Analysis To Ensure Compliance With Applicable Security Standards.
• Support Security And Compliance Initiatives Throughout The Customer’s ICS Ecosystem.

Skill Set:

• 4+ Years Of Experience In Operations Technology, ISM, And/Or Cybersecurity
• CISSP, CRISC, CISA, CISM, GSEC, GICSP Or Similar Certification Preferred.
• OT/ICS Cybersecurity Support And Assessment Experience.
• Knowledge Of OT/ICS Security Controls Frameworks And Best Practices, To Include NIST SP 800-53, NIST SP 800-82, IEC 62443, Strong Background In Industrial Security. Prior Experience With Application Of The Purdue Model Expected.
• Hands-On Experience In Operations Technology Security, Security Control Development, And Risk Analysis Concepts. Knowledge Of Applicable Frameworks Required.
• Hands-On Experience Implementing Industry Leading Solutions Like Claroty, Nozomi, Dragos Or Similar Preferred
• Familiar With PLCs, Industrial Automation And Control Systems, And Data Acquisition Software.
• Knowledge In Planning, Managing And Patching Vulnerabilities From OT System Scans
• Knowledge With Service-Oriented Architecture For Industrial Control Systems.
• Client Focused Implementation Skillset – Running An Security Assessment (VAPT/Asset Inventory/Architecture Design Review), Tool Implementation And Operations Setup Preferred