ICSOT-Cybersecurity EngineerNetwork Security Engineer

ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers support clients in assessing improving and maintaining the cybersecurity posture of their ICS/OT environments to mitigate security risks (e.g. insider and external threats intentional and accidental).

This positions responsibilities include the audit of ICS/OT environments and performing risk/vulnerability assessments. This role also includes developing client specific cybersecurity roadmaps that prioritize the remediation of cyber threats based on the likelihood of occurrence and magnitude of cost/consequence of a security incident. This position will create mitigation plans for clients to remediate vulnerabilities and will provide support during the remediation efforts. ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers assist in reviewing and developing Industrial Cybersecurity programs security policies and plans and provide guidance to help clients improve their existing OT security programs.

ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers demonstrate:
High integrity and technical aptitude
A willingness to go beyond the ordinary to meet and exceed client expectations
A desire for continual improvement and development
Excellent written and verbal communication skills

Reports to:Director OT Cyber Security
**Must be commutable to a regional LSI office**
Office Locations: Golden CO - Memphis TN - Jackson TN - Little Rock AR - Milwaukee WI - Murray KY - Phoenix AZ - Rossville GA - Toronto ON

JOB QUALIFICATIONS

Responsibilities for this job include but are not limited to:

• Taking inventory of clients hardware & software assets and assessing those assets for security vulnerabilities obsolescence and other risks
• Reviewing network architectures and determining if good practices are being followed (e.g. the zones & conduits concept proper network segmentation use of Industrial DMZ etc.); and providing recommendations to comply with applicable cybersecurity framework
• Reviewing security products utilized (e.g. firewalls IDS IPS) and determining if they are configured properly
• Deploying network infrastructure devices (e.g. switches routers etc.) security appliances (e.g. firewalls IDS etc.) and virtualization solutions
• Reviewing security policies plans and procedures; assessing network monitoring capabilities; analyzing system logs security events and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework
• Reviewing administrative technical and physical security controls and providing recommendations to mitigate the identified security risks
• Performing vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats (e.g. unsecure remote access points suspicious remote connections unauthorized devices on the network etc.) and providing recommendation to remediate the identified issues
• Creating detailed diagrams (e.g. network cabling server rack logical architecture etc.) procedures and plans (e.g. implementation SAT mitigation etc.) as needed to support projects
• Travel to the clients site as required

Required Experience

• Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443 NIST CSF NIST 800-53 NIST SP 800-82 CIS MITRE ATT&CK for ICS.)
• Strong understanding of OT network communication protocols (e.g. Ethernet/IP CIP Modbus OPC etc.) and industrial networking topologies (e.g. ring star etc.)
• A minimum of three (3) years hands onexperience assessing designing and implementing ICS/OT network architectures.
• Demonstrated technical skills to analyze design and deploy complex Ethernet/IP architectures and communication technologies.
• Demonstrated technical skills showing deep understanding of identifying detecting preventing responding to and recovering from OT/ICS threats and incidents.
• Understanding and appreciation of safety while performing job duties in and around industrial environments.

Ideal Experience

• Previous experience in OT Security specific monitoring tools (e.g. Dragos Nozomi TXOne Claroty Armis Verve etc.)
• Experience working with clients in a technical professional servicesrole.
• Certified SCADA Security Architect (CSSA)
• GIAC certifications (e.g. GICSP GRID Critical Infrastructure Protection)
• ISA/IEC 62443 Cybersecurity Certificates
• Networking certifications (e.g. CCNA CCNP JNCIP-ENT etc.)
• Cybersecurity certification (e.g. CCNA Security CEH CISA CISM CCSP etc.)
• Cyber security regulatory experience (NERC-CIP TSA GxP etc.)
• A working knowledge of industrial automation and control systems(e.g. DCS PLCs SCADA etc.)
• Ability to perform vulnerability / penetration testing in ICS/OT environment and/or threat hunting
• Prior experience as a Control System Engineer or SCADA Engineer
• Degree in Engineering (Electrical Mechanical Chemical or similar) Computer Science or similar scientific / technical field