Cyber Security Engineer, Sr

ITC Novi , MI 48377

Posted 5 months ago

Responsible for the development, design, implementation, maintenance and integration of state-of-the-art cyber security tools in defense and protection of Industrial Control Systems and SCADA systems and corporate computing assets from attack or misuse. Maintains current working knowledge of FERC and NERC CIP security regulations. Responsible for implementation of required security solutions as scheduled and within budgetary constraints. Functions as third tier support for all implemented security controls and systems, such as but not limited to, firewalls, intrusion prevention, end point protection, SIEM, etc.

ESSENTIAL DUTIES & RESPONSIBILITIES

  • Designs, implements and supports cyber security controls in compliance with all relevant regulations associated with NERC Critical Infrastructure Protection (CIP), HIPAA and Sarbanes Oxley

  • Works in collaboration with other groups to develop standardized security practices, policies and procedures to support the development of high quality, tightly integrated, consistently available, secure, flexible and fault-tolerant transmission network architecture while considering aspects of cyber security and associated protocols and processes

  • Evaluates, builds, validates and verifies system security designs that integrate security controls to achieve the desired degree of protection commensurate with the adverse impact that loss, compromise or misuse of the Bulk Electric System (BES) Cyber Assets could have on the reliable operation of the system

  • Assists in designing defensive security architecture by establishing and monitoring the logical and physical boundaries that control data transfer between boundaries based on business need and security requirements

  • Researches emerging technologies in support of security enhancement and development efforts

  • Provides consultative services to secure integration of new or modified assets in the company network infrastructure by assisting with identifying requirements and the evaluation, selection and implementation of vendor products and services

  • Selects, designs, tests and integrates IT security solutions such as QRADAR SIEM, Rapid 7 Vulnerability Management, Firewalls, IDS/IPS, Web Sense DLP, Identity and Access Management, Automated Configuration Management and Monitoring

  • Assists in developing standard monitoring tool configuration and deployment

  • Prepares preventative maintenance schedules and backup program necessary to ensure robust network environment including software upgrades and regular maintenance on infrastructure or security related devices

  • Coordinates with others in the department and engineering customers to apply fixes and patches in the event of a security breach

  • Assists in testing controls, modifies configurations to strengthen the system and remediates any deficiencies identified

  • Assists in technology security assessment requests including developing responses to internal and external audits, penetration tests and vulnerability assessments

  • Creates supply chain controls for vendor development, configuration, shipping and storage assessment

  • Participates in 24x7 on-call rotation

  • Mentors junior level team members

  • Bachelor's degree in Computer Science or related technical area with a minimum of five (5) years of experience in Network Security or Information Technology, or equivalent related experience.

  • Minimum of three (3) years of experience (in any combination) of the following areas:

  • Large scale network environment

  • Managing vendor relationships including product evaluation and licensing knowledge

  • Designing, developing, implementing and administering security policies and standards

  • Implementing and administering an information security program focused on compliance with legal and regulatory standards such as NERC Critical Infrastructure Protection

  • Infrastructure strategic planning and development

  • Minimum of three (3) years of experience with industrial control systems in an energy utility environment preferred:

  • Designing critical communications links for mission critical utility applications such as Transfer Trip, SCADA, Operations Centers, Substation and Power Houses preferred

  • Designing communications links for IP convergence planning and implementation of SCADA over IP, IP based Security and NERC CIP compliance preferred

  • Designing and implementing large scale Transmission networks preferred

  • Expert knowledge of network security concepts and technologies, including but not limited to firewalls, IDS/IPS, proxy servers, access control systems, Checkpoint preferred

  • Experience implementing Cisco Network Access Control (NAC) and Access Control Server (ACS) preferred

  • Possesses and maintains two or more security certifications GAIC, GPEN, GCIA, GCED, CEH. CISSP and GCIH preferred

  • Possesses and maintains one or more product certifications such as Checkpoint CCSE, Checkpoint CCSPA, CISSP, GAIC, CEH, Checkpoint CCSA, Tripwire Operator, etc.

  • Possesses experience with Tripwire or equivalent configuration management technology preferred.

  • Expert use of MS Office suite, including Visio

  • Sound judgment; strong analytical and logical problem solving skills

  • Must possess good communication skills both written and verbal

  • Strong interpersonal communication and relational skills that support constructive collaboration with multiple business organizations

  • Ability to participate in a team, manage multiple tasks and contribute to a work environment that is recognized for organization, timeliness, cost-effectiveness, accuracy and results

  • Adaptable and reliable in the face of conflict, crisis or changing priorities

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Security Analyst

Vibe Credit Union

Posted 2 weeks ago

VIEW JOBS 7/3/2019 12:00:00 AM 2019-10-01T00:00 Vibe Credit Union is currently looking for a Cyber Security Specialist join our team. This position is located in Novi. Please see below for details. Our Mission Statement We are here to improve our members' financial lives. As one team, we serve our members and the community. Our vision is to be the financial institution that people choose first and use the most. Our Core Values At Vibe, we are committed to these values to make it the very best for our members and our employees: * We do what we say * We are kind and respectful of everyone's unique situation * We celebrate our victories * We learn, grow, and embrace change. Position Purpose The Cyber Security Analyst will provide input on cyber security strategy and provide recommendations to improve the security position. This position will focus on identification, analysis and remediation on threats to the infrastructure, vendors and data. Essential Duties * Maintain and manage the cyber security assessment * Coordinate the work efforts and serve as the point of contact/liaison between the external auditors during Information System Audits, such as penetration testing and regulatory audits * Assist in the resolution of internal and external audit findings * Participate in development and maintenance of Business Continuity Plan * Assist in vendor oversight including data sharing and SOC reviews * Participate in the perpetual development of security architecture and security policies, principles and standards * Collaborate on projects to ensure that security issues are addressed throughout the project lifecycle * Monitor web, data, and email security * Research and assess security alerts and recommend remedial action * Remain current on knowledge of new and emerging risks and threats in the security and data information industry and threats presented in the financial service industry * Coordinate employee training of information technology security awareness * Monitor standards for system access management * Performs vulnerability assessments to identify control weaknesses and the effectiveness of existing controls, and recommends remedial action * Other duties may be assigned Education and/or Experience * Bachelor's Degree in information systems, or equivalent experience * Minimum of three years in network security experience * CISSP or CISA preferable * Experience with data loss prevention and PCI compliance is a plus Skills/Abilities * Strong analytical skills, to analyze appropriate security controls * Effective written and verbal communication skills * Ability to interact cross functionally with all levels of personnel * Strong knowledge of network concepts and protocols * Ability to travel Physical Requirements for this Position These physical demands are representative of the physical requirements necessary for an employee to successfully perform the essential functions of the Internal Auditor position. Reasonable accommodations can be made to enable people with disabilities to perform the described essential functions of the position. While performing the responsibilities of the job, the employee is required to hear, see, talk, stand, walk, stoop, kneel, lift, push, pull, and grasp. Vibe Credit Union is proud to be an Equal Opportunity Employer-Minorities/Women/Disabled/Veterans/Sexual Orientation/Gender Identity, committed to workplace diversity ed/Veterans/Sexual Orientation/Gender Identity, committed to workplace diversity Vibe Credit Union Novi MI

Cyber Security Engineer, Sr

ITC