- Execute the planning, design, development, and implementation of technical controls, procedures, and policies associated with cybersecurity compliance and/or regulatory standards.
- Maintain the highest level of integrity, protecting the confidentiality and security of all clients and project information.
- Identify and diagnose operational issues and implement design alterations to address these issues.
- Conduct vulnerability assessments of OT networks for cybersecurity, risk management, and/or compliance purposes.
- Perform detailed, post-event analysis of unusual events, and direct needed procedure or process changes in response.
- Pursue, obtain, and maintain industry-recognized certifications related to cybersecurity such as ethical hacking, penetration testing, network engineering, Industrial Control System (ICS), Supervisory Control and Data Acquisition (SCADA), risk management, and others, as necessary.
- Resolve technical issues, analyze implications to the client's business, and be able to communicate them with applicable stakeholders within the business.
- Develop policies & procedures for secure process control network design, technical and design recommendations for implementing firewalls, unidirectional gateways, zero trust design, and other network security controls.
- Compiles technical documentation of network traffic and firewall services/solutions, including explanations and diagrams.
- Work collaboratively with other groups and divisions inside of 1898 & Co. and Burns & McDonnell.
- All other duties as assigned.
- Requirements:
- Bachelor's degree in a technical field, e.g., (Cybersecurity, Industrial Cybersecurity, Industrial Cyber Engineering, Cyber-Physical System Security, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experience.
- Minimum 8 years of industrial cybersecurity experience.
- Additional applicable years of experience may be considered in place of degree requirements.
- Advanced knowledge of security principles and firm knowledge of cybersecurity technologies, as well as industry-recognized certifications.
- Knowledge and experience with ISA/IEC 62443, NIST Cybersecurity Framework (NIST CSF), and ideally NIST SP800-82 required.
- Experience with security engineering principles, various cybersecurity assessment methodologies, security control implementation, and validation, and system life-cycle practices.
- Experience in the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, identity, and access control, zero-trust security, authentication and authorization, anti-virus/anti-malware, patch management, network, and system hardening, SIEM implementation, and/or tuning, and logging.
- Experience working with development teams to determine application requirements.
- Advanced knowledge of control systems utilized by Oil, Gas, and Chemicals; Manufacturing; Utilities (Power and/or Water); Energy; Transportation; etc., is preferred.
- Strong written and oral communication skills.
- Strong analytical and critical thinking skills.
- Ability to operate under pressure and under tight deadlines, to operate onsite within industrial, corporate, and government work settings.
- Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting.
- Knowledge and/or experience with legacy and modern computer networking and telecommunications.
- Experience with physical cabling for network communications and control system input/output.
- Strong technical writing skills
- Ability to develop and maintain strong relationships with clients.
- Ability to present complex technical issues and their impact in an easy-to-understand manner.
- Knowledge and experience with corporate policies and procedures
- Travel for site work is estimated to average 25-50% annually.
- Tenacious Problem solving
- Unselfish collaborator
- Intellectual curiosity
- Dedicated to continuous improvement.
- Grit
- Consulting background
- OT asset inventory w/ change detection solutions
- Vulnerability Management solutions
- Identity and Access Control solutions
- Zero Trust Security solutions
- OT network & communications monitoring solutions
- Security, Orchestration, Automation & Response (SOAR) solutions
- Knowledge of the Purdue model for zones/segmentation
- TWIC, HUET, and/or BOSIET certifications
- Certified Ethical Hacker (CET) certification with previous experience performing OT-relevant Pen Testing, Threat Hunting, or similar activities.
- Ability to integrate multiple data sources into a single system.
- Familiarity with code testing frameworks.
- Demonstratable name recognition in the OT / ICS / SCADA cybersecurity industry
-
Industrial Cybersecurity Consultant
3 weeks ago
ESPO Corporation Amarillo, United StatesJob Title: Industrial Cybersecurity Consultant · Location: Amarillo, TX OR Kansas City, MO · Job type and Duration: Contract · Our client, a global Architecture and Design Firm, is looking to hire an Industrial Cybersecurity Consultant to join their IT Consulting team in Amaril ...
-
Industrial Cybersecurity Consultant
3 days ago
ESPO Amarillo, United StatesJob Title: Industrial Cybersecurity Consultant · Location: Amarillo, TX OR Kansas City, MO · Job type and Duration: Contract · Our client, a global Architecture and Design Firm, is looking to hire an Industrial Cybersecurity Consultant to join their IT Consulting team in Amari ...
-
Industrial Cybersecurity Consultant
4 weeks ago
ESPO Amarillo, United StatesJob Title: Industrial Cybersecurity Consultant · Location: Amarillo, TX OR Kansas City, MO · Job type and Duration: Contract · If you think you are the right match for the following opportunity, apply after reading the complete description. · Our client, a global Architecture ...
-
Industrial Cybersecurity Consultant
3 days ago
ESPO Amarillo, United StatesJob Title: Industrial Cybersecurity Consultant · Location: Amarillo, TX OR Kansas City, MO · Job type and Duration: Contract · Our client, a global Architecture and Design Firm, is looking to hire an Industrial Cybersecurity Consultant to join their IT Consulting team in Amaril ...
-
Industrial Cybersecurity Consultant
2 weeks ago
ESPO Amarillo, United StatesJob Title: Industrial Cybersecurity Consultant · Location: Amarillo, TX OR Kansas City, MO · Job type and Duration: Contract · Our client, a global Architecture and Design Firm, is looking to hire an Industrial Cybersecurity Consultant to join their IT Consulting team in Amaril ...
-
Industrial Cybersecurity Consultant
2 weeks ago
Espo Corporation Amarillo, United States ContractJob Title: Industrial Cybersecurity Consultant · Location: Amarillo, TX OR Kansas City, MO · Job type and Duration: Contract · Our client, a global Architecture and Design Firm, is looking to hire an Industrial Cybersecurity Consultant to join their IT Consulting team in Ama ...
-
Systems Requirement Planner, TX., USA
3 days ago
EmDrive LLC Amarillo, United StatesJob Description · Job DescriptionLocation: Amarillo, TX. · Job Title: Systems Requirement Planner · Career Level From: Senior Associate "4" · Career Level To: Principal "6" · Organization: Chief Information Security Office · Job Specialty: Systems Requirement Planning · DURATION: ...