We are looking for the Cyber Security Specialist who will be responsible for providing cybersecurity support and oversight for product development groups and industrial control system environments. This includes defining, managing, and enforcing IACS security controls, processes and procedures relying heavily on experience in both information security and automation technologies focusing on industrial controls systems.
You will be a member of the global Information Security team, working closely with sites, services, technical teams and product groups to ensure that security requirements and support are provided.
Cyber Security Specialist
- Strong technical ICS experience: ability to review configurations of ICS (e.g. HMIs, engineering software, PLCs , etc.), identify best practices for backup and recovery of ICS, and understand industrial protocols.
- Good general technical knowledge: applications technologies, networks, protocols, databases, operating systems (Windows/Linux).
- Understanding of Industrial Networks.
- Experience using ICS software including: engineering software, version management software, HMI software, OPC software.
- Working knowledge of networking concepts, ability to review network designs, and perform security assessments of network devices (e.g. switches, routers, firewalls).
- Fluent in English
- Cybersecurity (e.g.: CISSP) and ICS Security Certifications (SANS GICSP, ISA/IEC 62443 Risk Assessment Specialist).
- Experience in implementing security controls, hardening, and technologies in automation systems and networks.
- Experience in implementing vulnerability and patch management in ICS environments.
- Working knowledge of IACS Security standards.
- Providing secure design, development, and architecture requirements for Industrial Control Systems (ICS) environments and information and digital systems as they relate to ICS and automation.
- Providing cybersecurity awareness and training within product development and ICS environments.
- Providing support to write, review, and maintain documents, policies, and standards governing the cybersecurity requirements for the ICS environment.
- Providing secure architecture requirements for lab and development networks.
- Performing security reviews and assessments of systems, networks, and processes/procedures in ICS environments.
- Assisting with testing, selection and implementation of security technologies in ICS environments.
- Providing support for projects and initiatives that enables sites to accomplish project goals in a secure manner.
- Providing support for management and remediation of vulnerabilities identified in ICS environments.
- Acting as subject matter expert in Industrial Automation and Control Systems
- Supporting on the development of cybersecurity technology implementation strategies for ICS environments with clear understanding of the differences between IT and OT environments (e.g. Anti-virus on HMIs, application whitelisting, security policies for firewalls in ICS environments, etc.).
- Supporting the execution of risk based methodologies for cybersecurity assessments of ICS systems, including remote sites, onsite, third party, and on vessels.
- Supporting on the creation of technical design documentation and to write technical reports for both technical and management consumption and understanding.
- Following the established metrics and key performance indicators to monitor the overall health and effectiveness of the ISC cybersecurity program.
- Staying informed about the latest cyber threats to the ICS environment including threats towards the organization.
- Supporting on the development of strategies and plans to mitigate emerging cyber threats.
- A stimulating work environment with a high professional standard.
- Personal development opportunities in a growing international team.
- Demanding and enjoyable teamwork and cooperation with peers and Clients worldwide.