OT Security Specialist
Long Island
Job Description Job Description Job Summary
This position is an experienced, hands-on technical lead, performing IT security functions with Operational Technology (OT) environments. Utilizes information security technologies such as antivirus, IDS/IPS, SIEM, endpoint detection & response, DLP, data encryption, proxies, and network access control, as well as security policies and procedures, and incident response. Provides technical expertise and support client’s business lines, IT management, and staff. Serve as a cyber-technical liaison with the Operations Technology (OT) organizational units to ensure production facilities, operations and systems are following security best practices. in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
Job Responsibilities
Responsibilities include:
Assist in the planning and implementation of the OT cyber security compliance work by creating and implementing ongoing, sustainable, and repeatable processes, including NERC-CIP.
Support all efforts to maintain compliance with organizational and industry security standards with OT environments
Lead cyber threat and security incident identification, protection, detection, response and remediation activities impacting the manufacturing operations environment and escalating to management.
Lead and participate in auditing activities conducted for compliance verification by OT security controls, Internal Audit, and other auditing bodies/regulatory agencies.
Develop, refine, review and update documentation, processes, procedures and standards to maintain compliance with OT security controls; develop tools and metrics for periodic reporting. Develop OT security compliance assessments and remediation reports.
Assist in recommendations, design, and implementation of future automated systems, procedures, and methods required for maintaining and streamlining NERC CIP compliance.
Participate in department and/or cross-functional teams to complete special projects or assignments as requested.
Utilizes information security technologies
Provides technical expertise in threat/risk assessments
Defines, designs, and implements strategies to protect against emerging threats using security tools
Responds to security incidents
Job Specific Qualifications
Required:
Prior Experience in a NERC CIP regulated environment
4 or more years of experience in information security or related field
Bachelor’s degree in Computer Science, Information Systems, Cyber Security, Engineering or related discipline, or 3 additional years of relevant experience.
Hands-on technical lead performing IT/OT security functions and maintaining systems.
Experience with SCADA and ICS equipment and architectures
Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis as well as security policies and procedures, and incident response.
Provides technical expertise and support to clients, IT/OT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
Follows cyber security news and alerts, understands complex attack vectors and risks, and identifies and evaluates emergent cyber security threats and vulnerabilities. Recommends appropriate corrective actions for information security incidents and provides risk mitigation recommendations to management and team.
Reviews complex architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations.
Excellent oral and written communication skills.
Excellent leadership, technical teamwork, and interpersonal skills.
Willing to work in strong team environment, constantly teaching and learning from other team members.
Communicates effectively with both technical and non-technical individuals.
Maintains a solid working knowledge of Information Security principles and practices.
Please Note the Following:
Approximately 5% Travel required
NERC CIP position, requires NERC CIP background investigation prior to start
Desired:
Security certifications in incident response, cyber investigation, forensics, or threat hunting.
Minimum Years of Experience
4 years of experience
Education
Bachelors in Computer Science or Information Technology
Bachelor in Engineering
Or additional professional experience.
Preference will be given to New York State residents. Veterans are encouraged to apply.
About 8 Consulting:
8 Consulting is a Cybersecurity and Systems Engineering organization dedicated to supporting Public Sector clients in developing and securing their operating environments. Our employees enjoy a work culture that promotes employee growth and employee direction in work selection.
8 Consulting benefits include Health Insurance, 401(k) match, 401(k) profit sharing, life insurance, PTO, eleven Federal holidays, 1 floating holiday per quarter and a flexible work environment. Employees can also take advantage of casual corporate site dress code, free parking, corporate discounts, and support in establishing a safe and effective remote work environment.
8 Consulting is an Equal Opportunity employer and does not discriminate against any employee or applicant for employment because of race, creed, color, sex, national origin, age, disability, marital status, sexual orientation, genetic predisposition or carrier status.
Powered by JazzHR
EBFr4RXz7x