The Operations Technology (OT) Security Engineer is responsible for the planning, implementation and auditing of security policies and procedures to safeguard the integrity of and access to systems and electronic information to protect against accidental or unauthorized modification, destruction or disclosure. The Operations Technology (OT) Security Engineer will support projects, assess the effectiveness of the security of the network, infrastructure and ICS environment, and will, together with involved stakeholders, determine a solution strategy for detected security problems upon this scope. This position works with the members of the Security and the Operations Technology teams to detect actionable security events and, where applicable, the role supports investigations / forensics activities upon the network and ICS environment. The OT Security Engineer's role is to plan and engineer security tools, execute assigned security operations functions, operate and administer security tools directly or via 3rd party managed security services. The Engineer will advise resource owners on formation of appropriate security. Where applicable, the role supports investigations / forensics activities upon the network and ICS environment. Focus will be on protection and security of network devices, industrial control systems, operations technology systems, and applicable infrastructure.
10% Consult with IT technical services and Operations Technology staff to evaluate, select, install and configure hardware and software systems that provide appropriate security functions. Provide subject matter expertise and support solution shaping in the field of IT Network and Industrial Control System (ICS) Security.
20% Review operation logs and event console activity to determine cause of security-related events or to identify potential security-related events.
40% Contribute to security incident response activities. Participate in investigations of suspected information security misuse or compliance. Develop and refine event detection, incident response and forensics technical capability and procedures.
30% Assist in responses to external audits, penetration tests and vulnerability assessments on GAF networks, inclusive of ICS / SCADA networks.. Recommend the application of tools, controls, fixes, patches, disaster recovery procedures. Conduct penetration testing and vulnerability assessments with internal tools and coordination with external vendors.
LEVEL BASED COMPETENCIES
Level Based Competencies are to be designated based on job level and content.
Expert level knowledge of all aspects of ICS/OT security
Experience in risk assessment, audit, and IT/OT security assessments
Familiar with compliance regulations, IT, security frameworks and standards (i.e. NIST 800, ISO/IEC 27002, HIPAA, PCI, SOX, HITRUST)
General knowledge/skills (entry, intermediate, advanced)
Self-Starter that requires minimal supervision and multi-tasks effectively
Excellent analytical and communication skills
Ability to interface with internal customers at all levels of the organization
Good skills in Prioritizing
Advanced Analysis & Problem Solving Skills
Light supervision and oversight required
Adherence to performance review and goal setting process
Proactively working with manager to identify training needs to expand and improve skills
Provide on-the-job training/support to new/other team members
Proactively seeks guidance from other team members when needed.
Good ability to apply feedback received to day-to-day work and strives to improve performance
Master's or Bachelor's Degree in Computer Science, Information Systems, or Associate's Degree from a Technical Institution
6+ years of IT, Security, and business/industry work experience
4+ years ICS / OT experience
We believe our employees are our greatest resource. We offer competitive salary, benefits, 401k, and vacation packages for all full time permanent positions. We are proud to be an equal opportunity workplace and GAF, SGI, and Siplast are proud to be affirmative action employers. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know. If applying for positions in the U.S., must be eligible to work in the U.S. without need for employer sponsored visa (work permit).