Cyber Engineer Level 4

Applied Integrated Technologies • Columbia, Maryland, United States • 4w ago

Job Details

Maryland - Columbia, MD

Full Time

Up to 25%

Demonstrates ability to independently perform complex security analysis of classified and unclassified applications, systems and enclaves for compliance with security requirements. Performs ICS (Industrial Control System)/SCADA (Supervisory Control and Data Acquisition) IT (Information Technology) & OT (Operational Technology) cybersecurity vulnerability evaluations. Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks. Ability to perform vulnerability and risk analysis as well as participating in a variety of computer security penetration studies.

Analyzes and defines security requirements for ICS & SCADA computer and networking systems, to include mainframes, workstations, and personal computers. Recommends solutions to meet security requirements. Gathers and organizes technical information about an organization's mission goals and needs as well as makes recommendations to improve existing security posture. Demonstrates understanding of ICS/SCADA IT & OT Protocols and Network Interfaces. Competent to work at the highest level of all phases of information systems auditing. Demonstrated understanding of ICS/SCADA Cyber protections and assessments.

Requirements for 7-12 years of experience in OT and IT

Required: 1) OT design, construction, implementation, installation, programming, Factory Acceptance Test (FAT), Site Acceptance Test (SAT), and/or Operations and Maintenance of ICSs; 2) This experience will be in electrical, mechanical, security, and fire alarm systems; 3) Cyber security defense in IT and OT systems; 4) Knowledge in IT and OT protocols; 5) IT design, construction, implementation, installation, programming, FAT (Factory Acceptance Test), SAT (Site Acceptance Test), and/or Operations and Maintenance of IT systems; 6) Knowledge in IT and OT configuration management, system management, end point defense, log management, updates and patching, encryption techniques and procedures, Standard Operating Procedures (SOPs), security policies, password management, contingency and continuity of planning policies, risk assessment, auditing, incident response and mitigation techniques; and 7) Cyber analysis of IT and OT systems.

Desired: 1) Hands-on experience of programming ICS vendor Human Machine Interface (HMI) equipment as well as Programmable Logic Controllers (PLCs) and/or Remote Terminal Units (RTUs); 2) Knowledge in OT and IT system interaction; and 3) Hands-on experience of loading Windows and Linux/Unix OS (Operating Systems), installation of laptop and desktop software and hardware on these systems, installation of network software and hardware on these systems, configuration and maintenance of hardware systems, configuration and maintenance of software systems, configuration and maintenance of network systems, and configuration and maintenance of databases.

Education

BS in Engineering, Computer Science, Information Systems, Cyber Security, or related field. Training in ICS and SCADA is required. Security and Facilities Operation Center experience is highly desired. CISSP (Certified Information Systems Security Professional), CSSA (Certified SCADA Security Architect), GICSP (Global Industrial Control Security Professional), ICS-Cert, ISA Certification, and MS (Microsoft) Windows Operating Systems certifications, MS Server certifications, MS Database certifications, Linux Operating Systems certifications, Linux Server certifications, and Linux Database certifications or relevant experience are highly desired. Knowledge of NIST SP 800-53, Revision 4 and NIST SP 800-82, Revision 2 are required.

This position requires 30% travel.