Sr OT Systems Security Engineer

Description

• Mitigate/correct security deficiencies identified during Factory Acceptance Testing, Site Acceptance Testing, and/or recommend risk acceptance for the appropriate senior leadership. Verify and update security engineering documentation reflecting the application/system security design features. Verify minimum security design specifications are in place for OT assets to support security event monitoring and incident response.
• Assist with vulnerability mitigation planning, incident response and security event monitoring engineering activities for security and compliance requirements
• Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: Provide OT cyber security guidance to leadership. Work with stakeholders to design OT security design specifications and architectures. Provide input to implementation plans and standard operating procedures as they relate to OT cyber security.
• Analyze and design security measures to resolve OT vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.
• Work closely with the R&D and innovation teams to ensure secure implementation of OT systems into production. (
• Work closely with technical teams to implement effective security configurations/requirements, including:
• Conduct engagement and provide OT cyber security training to OT personnel
• Develop specific OT cyber security countermeasures and risk mitigation strategies for systems and/or applications.

Requirements

• Knowledge of authentication, authorization, and access control methods.
• At least 3 years of demonstrated experience in the energy sector
• Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP, CFATS, or API 1164.
• Bachelors Degree in Computer Science, engineering, or a related discipline, and typically 5 or more years of solid, diverse experience in OT/ICS, or equivalent combination of education and work experience.
• Knowledge of database systems
• Solid capability to assess network architectures and operating systems for vulnerabilities and develop appropriate security countermeasures.
• Comprehensive understanding of change management techniques associated with new technology implementation.
• Knowledge of cryptography and cryptographic key management concepts
• Demonstrated experience producing an economic business case.
• Appropriate technical skills and in-depth knowledge of business unit functions and applications, including:
• Demonstrated experience and subject matter knowledge of SCADA, ICS, Distribution Automation, Smart Grid, DMS, and ECS systems architecture.
• Knowledge of how system components are installed, integrated, and optimized
• Solid knowledge and experience with OT security aspects of operating systems, embedded operating systems, Programmable Logic Controllers (PLC), Remote Terminal Units (RTU), and Protection and Control relays.
• At least 3 years of experience as part of an electric utility
• Knowledge of embedded systems
• Knowledge of parallel and distributed computing concepts
• Demonstrated experience in security risk assessments, requirements development, secure design analysis, architecture assessment and development, and security testing of applications and systems.
• Knowledge of human-computer interaction principle
• Relevant security certifications (CISSP, CISM, GICSP)
• Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
• Demonstrated leadership ability.
• Knowledge of system fault tolerance methodologies
• At least 5 years of demonstrable security engineering or related experience, including:
• Experience in assessing security applications and systems, such as firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec.
• Demonstrated experience and subject matter knowledge of security vulnerabilities and mitigation strategies for industrial SCADA protocols such as DNP3, IEC-61850, Modbus, Tejas V, CDC 2, Vancomm, etc.
• Knowledge of disaster recovery continuity of operations plans
• Knowledge of Risk Management Framework (RMF) requirements
• Extensive experience developing, evaluating, and implementing OT security architectures, technologies, standards, and practices to secure applications and OT.
• Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
• Graduate degree in cyber security, engineering, or related area of expertise.
• Knowledge of network access, identity, and access
• Knowledge and experience in application security standards, methodologies, and technologies.
• Knowledge of configuration management techniques
• Demonstrated knowledge and experience in the implementation of governance frameworks and security risk management processes, such as NIST, ISO, ISA99, IEC 62443 guidelines and standards.
• Knowledge of incident response and handling methodologies.
• Excellent communication skills and the proven ability to work effectively with all levels of OT and business management.
• Ability to design architectures and frameworks
• Demonstrated experience and subject matter knowledge in cyber security for applications, web architectures, operating systems, databases, and networks.
• Proven analytical, problem solving, and consulting skills.
• Knowledge of ICS supply chain security and risk management policies, requirements, and procedure
• Skill in applying cybersecurity methods, such as firewalls, demilitarized zones, and encryption
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management)
• Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

Benefits

• Generous paid time off options, including vacation, sick time, floating and fixed holidays, maternity leave and bonding/primary caregiver leave or parental leave
• Annual Bonus for eligible positions: 15%
• Life and disability insurance
• 401(k) match and annual company contribution
• Annual salary will vary based on a candidate’s skills, qualifications, experience, and other factors: $102,400.00/Yr. – $140,800.00/Yr.
• Referral bonus program
• Employee Assistance Program and resources for mental and emotional support
• Medical, dental and vision insurance
• Wellbeing programs such as tuition reimbursement, adoption and surrogacy assistance and fitness reimbursement

Training + Development

Interview process

Visa Sponsorship

Security clearance