Industrial Control Systems Cybersecurity Specialist

We power, cool, protect and connect the technology of the world's well-known hyperscalers, cloud providers and large enterprises. Our expertise has evolved data center design in innovative ways to deliver dramatic gains in reliability, efficiency and sustainability in flexible environments that can scale as quickly as the market demands.

This is a hands-on role where you will deploy, configure and maintain all OT cyber monitoring equipment. You will provide governance for the purchase, configuration, and maintenance on the OT environment with a keen focus on cybersecurity measures. You will work closely with partner Value Added Resellers (VARs) to learn about the latest technological changes and cybersecurity trends so that you can make informed purchase decisions. We are always looking for ways to strike the best balance between technology, performance, cost, and cybersecurity.

This ICS/OT Cybersecurity Engineer will be part of a team responsible for protecting a rapidly expanding global enterprise. The Cybersecurity Engineer will audit the Industrial Control System / Operational Technology (ICS/OT) environment and perform risk/vulnerability assessments leading to the development of an enterprise strategy/design plan. The Cybersecurity Engineer will lead implementation (hands-on configuration) of the cybersecurity ICS/OT systems.

Additional responsibilities include research, classification, and root cause analysis of security events that occur within the environment. The ideal candidate will have security industry knowledge that evolves with current and emerging vulnerabilities and threats, as well as an ongoing understanding of key business and technological processes.

• Take inventory of the environment's hardware and software assets and assess those assets for security vulnerabilities, obsolescence, and other risks.

• Conduct cyber mission dependency, criticality, mission failure, and adversary cyberattack scenario analyses to inform design of OT resilient architectures.

• Research, develop, operationalize, evaluate, and improve OT defensive tactics, techniques, and procedures (TTPs) for detecting and responding to cyber threats

• Research and develop OT Cyber Resiliency solutions including developing and operationalizing OT/ICS SCADA cyber defense architectures

• Collaborate with different departments to remediate and validate remediation of the vulnerabilities or identified issues

• Partner with other departments to review network architectures and determine if security best practices are being utilized.

• Work with vendors to ensure detailed diagrams, procedures, and plans are created and maintained for each deployment.

• Maintain and create documentation as needed

• Perform assessments against best practices and industry benchmarks including participating in audits

• Developing and operationalizing cyber sensor and cyber analytics architectures to enable more efficient and effective OT cybersecurity operations, threat-hunting, and forensics analysis.

• Represent the Cybersecurity team in meetings with stakeholders.

• Maintain awareness of industry trends, threats, and tools used to support enterprise security.

• Perform other ad hoc duties to support the company's security goals.

• Bachelor's degree in Cybersecurity, Computer Science, Engineering, or related focused technical training or 4 additional years of engineering experience that may have been acquired in the military or public sectors.

• 3 years of experience performing security assessments in an OT environment.

• Strong understanding of cybersecurity frameworks for ICS/OT environments

• Strong understanding of OT network communication protocols and industrial networking topologies.

• Familiarity with NIST (National Institute of Standards and Technology) Special Publication Revision 2, Computer Security Incident Handling Guide.

• Familiarity with NIST (National Institute of Standards and Technology) Special Publication 800-82

• Comprehensive knowledge of internet protocols, firewalls, proxies, and intrusion detection/prevention systems.

• Familiarity/Knowledge of the Perdue Enterprise Reference Architecture (PERA)

• Certifications for SANS GIAC Global Industrial Cyber Security Professional (GICSP), GIAC Response and Industrial Defense (GRID), Critical Infrastructure Protection are preferable.

• Understanding of MITRE ATT&CKS for ICS or NERC CIP frameworks

• Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53), and Guide to Industrial Control Systems (ICS) Security (NIST SP800-82)

• A working knowledge of industrial control systems (e.g., Distributed Control System (DCS), Programmable Logic Controller (PLCs), Supervisory Control and Data Acquisition (SCADA), etc.)

• Demonstrable understanding of project/program management techniques and methods

• Strong Microsoft Excel skills required

• Excellent written and verbal communication skills with transparent and timely communication

• Expected travel is less than 20% but may be higher during construction projects. May grow and evolve over time

• Provide 24/7 support. Ability to work a non-traditional schedule, including evenings, weekends, and holidays.

• Security Certifications such as ISC2 Certified Information Systems Security Professional (CISSP), CompTIA Security+, CompTIA Network + or ISACA Certified Information Security Manager (CISM)

• ISA/IEC 62443 Cybersecurity Certificates preferable

• EC Council Certified Ethical Hacker (CEH), or Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA),

• Data Center experience is strongly preferred, but not required

• Experience with one or more of the following:

  • Building Management Systems (BMS)

  • Mobile

  • Architectures including Windows or Linux server software and technologies

  • HA and redundancy configurations

  • Cloud and virtualization software and services

  • Hyper scaling

We operate with No Ego and No Arrogance. We work to build each other up and support one another, appreciating each other's strengths and respecting each other's weaknesses. We find joy in our work and each other, actively seeking opportunities to inject fun into what we do. Our hard and efficient work is rewarded with a total compensation package.

Throughout the year, the advantage of being part of the team is evident with an array of benefits, recognition, training and development, and the knowledge that your contribution adds value to the company and our community.

Don't meet all the requirements? Please still apply if you think you are the right person for the position. We are always keen to speak to people who connect with our mission and values.

We are an Equal Opportunity Employer