| Job Opening || OT/IT Cyber Security Engineer-II || Manassas, VA Onsite ( Locals Only ) at Manassas, Virginia, USA |
| Email: [email protected] |
| H ello Hope you are doing great! This is Nitin, I work as a Tech. Recruiter at NYTP. Reach me at [email protected]) if you want to apply for the below role: Position OT/IT Cyber Security Engineer Location: Manassas, VA Onsite ( Locals Only ) T ype Long Term JOB DESCRIPTION This role's primary responsibility and priorities are to improve the OT cyber security posture and work towards implementing a robust OT DR environment. This resource will also work with the NOVEC IT team to bring the best practices from IT to OT and vice versa. Technical Requirements: Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.) You'll assist multiple projects in supporting and maintaining technology solutions in the areas of Operational Technology (OT), including networking, servers, virtualization, and security technologies. Experience conducting risk assessments to identify vulnerabilities, threats, and potential impacts on the OT systems and infrastructure. Design and implement security architectures for OT systems. This includes developing secure network infrastructures, access control mechanisms, intrusion detection and prevention strategies, and other security controls to protect against cyber threats. Contribute towards developing the OT DR study, be responsible for implementing the recommendation from the DR study, and be accountable for testing and maintaining the OT environment, including OT DR. Experience in developing and implementing incident response plans for OT systems. Establishing procedures to detect, respond to, and recover from security incidents, such as malware infections or unauthorized access. Experience deploying and managing security monitoring tools to continuously monitor the OT systems for any signs of malicious activities or anomalies. This includes analyzing security logs, network traffic, and system behavior to detect potential security breaches. Designing and Implementing OT Security Measures: Protect OT systems, networks, and devices design by implementing security measures. This includes analyzing security logs, network traffic, and system behavior to detect potential security breaches. Deploy and manage security monitoring tools to continuously monitor the OT systems for any signs of malicious activities or anomalies. This involves assessing the security risks, identifying vulnerabilities, and developing and implementing appropriate security controls. Vulnerability Management: Performing regular vulnerability assessments and penetration testing to identify weaknesses in the OT systems. Working on remediation efforts to address any identified vulnerabilities and ensure that systems are patched and up to date. Security Policies and Standards: Development and enforcement of security policies and standards specific to the OT environment. This includes defining security baselines, access control policies, and security awareness training for personnel working with OT systems. Collaboration and Communication: Collaborating with cross-functional teams, such as IT teams, operations teams, and management, to ensure effective communication and coordination of cybersecurity initiatives. Providing guidance and recommendations to NOVEC stakeholders on cybersecurity best practices. Compliance and Regulations: Ensuring compliance, such as NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) NIST 800-53. (Security and privacy control information) Enhanced Incident Response and Recovery: Lead the incident response efforts in a cybersecurity incident or breach. Effectively investigate incidents, mitigate damages, and implement remediation measures to restore operations promptly. Collaborate with incident response teams and law enforcement (as needed) to reduce the impact of the incidents. Protection of Intellectual Property and Sensitive Data: Responsible for safeguarding OT valuable information from theft, sabotage, or unauthorized access, preserving the organization's competitive advantage, and protecting its assets. EDUCATION QUALIFICATIONS Degree in Computer Science, Computer/Electrical Engineering, Information Technology, or other technical field 5-10 years of OT/IT experience Knowledge of and experience in security processes and organizational design. Experience with network analysis and penetration testing tools such as BackTrack, Metasploit, Rapid 7 Nexpose, NMAP, and/or Wireshark. Strong understanding of SCADA operation work relating to Critical Infrastructure (Water, Transportation, Power, Energy, Oil, and Gas) Strong interest in the field of cybersecurity in industrial control systems and the Internet of Things Knowledge of penetration testing, programming, networks, and operating system One or more of the following Professional Certifications: Cisco Certified Network Associate (CCNA, CCDA) Response and Industrial Defense (GRID) Certified Penetration Tester (GPEN) Security Leadership Certification (GSLC) Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) DESIRED SKILLS Good communication skills and a strong work ethic. Work as an adaptable team player. Working knowledge of CIS controls. Thanks, _______________________________________ Nitin Pillai | New York Technology Partners 120 Wood Avenue S | Suite 504 | Iselin NJ 08830 | www.nytp.com We respect your online privacy. If you would like to be removed from our mailing list please reply with "Remove" in the subject and we will comply immediately. We apologize for any inconvenience caused. Please let us know if you have more than one domain. The material in this e-mail is intended only for the use of the individual to whom it is addressed and may contain information that is confidential, privileged, and exempt from disclosure under applicable law. If you are not the intended recipient, be advised that the unauthorized use, disclosure, copying, distribution, or the taking of any action in reliance on this information is strictly prohibited. -- Keywords: information technology New Jersey Virginia |
| [email protected] View all |
| Tue Sep 19 01:46:00 UTC 2023 |