ICS Cybersecurity Consultant

Career Opportunities: ICS Cybersecurity Specialist RLP (2402)

This role is responsible for the protection, detection, response, and recovery of Industrial Control Systems (ICS) cyber security. Key responsibilities include developing and implementing a cybersecurity management system and framework, conducting internal/external audits to identify ICS cybersecurity gaps and vulnerabilities, managing patch deployment for Windows devices, and preparing for internal ICS audits.

• Routine Duties
• Establish a Cybersecurity Management System and Framework for the company
• Develop and Implement Necessary Cybersecurity Standard/Policy/Procedure/Risk Assessment Framework
• Plan and Facilitate Internal/External Audits to Identify ICS Cybersecurity Gaps and Vulnerabilities
• Manage Patch Deployment for Windows Devices in Network Levels 0 Through 3.5 as Well as Standalone Devices
• Identify Obsolete Operating Systems (OS) and Plan for Necessary Upgrades through Vendor Consultation
• Consolidate Standalone Devices (e.g., Laptops Used for PLC Configuration)
• Prepare for the Company's Internal ICS Audit by Completing Configuration Review Sheets for All Workstations, Servers, Switches, Firewalls, and Routers in the OT Environment. Correct Deficiencies and Document Deviation/Remediation Plans
• Participate in the Design of Cyber Solutions for the OT Environment (e.g., SIEM, IPS, ATP)
• Monitor Patch Deployment, Anti-Virus, SIEM, IPS, ATP, and Related Systems and Respond/Investigate Alerts
• Perform Detailed, Post Event Analysis of Cyber Events, and Direct Needed Incident Response Procedures
• Perform Detailed Technical Analysis of Industrial Control Systems (ICS) and Cyber Security Controls
• Participate in Vulnerability Assessments and Administrative Audits on Client Computer Systems and Network Devices Considering the Sensitivity of Operational Technology Testing
• Identify Cyber Security Gaps and Recommend Mitigation Strategies to Address Gaps
• Maintain Knowledge of the Cyber Security Capabilities of Operating Systems, Networking Devices, Control Systems, and Vendor Offerings
• Maintain a Broad Knowledge of Current and Emerging State-of-the-Art Computer/Network Systems Technologies, Architectures, and Products
• Resolve Technical Issues Considering Operating Impact and Be Able to Communicate Issue Resolutions to OT Organizations
• Secure Operational Technology Networks
• Design Comprehensive Technical Solutions that Meet Compliance Requirements and Implement the Appropriate Software to Mitigate Critical Security Risks (e.g., System and Antivirus Software, Encryption Modules, Patch Management Programs, Insider Threat Protection, Incident Response Plans, Forensic Capabilities, and Regulation Compliance)
• Lead Collaboration Efforts with Other Cyber Security Experts on Team to Develop Well-Constructed Approaches to ICS Risk Management, Mitigation, and Monitoring Strategies
• Responsible for Securing Systems Running ICS-Related Communications Protocols (e.g., MODBUS, PROFIBUS, etc.)
• Develop Simulated ICS Environments within a Virtual Infrastructure
• Participate in MOC / PSSR Process