Cybersecurity Analyst

POSITION SUMMARY:

• Support projects by addressing Facility Related Control System (FRCS) and Industrial Control System (ICS) Cybersecurity, utilizing Information Technology (IT) information and techniques in the Operational Technology (OT) space. Technical focus, working with networking, systems, design, and development teams. This includes advising teams and outside clients on security topics and helping review implementations.

• Support the execution of projects for external clients consisting of network design and re-design, cybersecurity vulnerability assessments, secure system design, and/or development of cybersecurity programs for clients in a wide variety of industries utilizing the NIST Cybersecurity Framework (CSF), DoD 8500.01, UFC 4-010-06, National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), and other industry specific compliance frameworks and regulations.

PRIMARY RESPONSIBILITIES:

• Participate in project meetings with the client to identify existing cybersecurity controls and what controls/processes need to be included in the design.

• Prepare design documents with provisions for proper cybersecurity compliance with applicable standards.

• Perform risk assessments of IT infrastructure and applications and make recommendations for improvements.

• Develop cybersecurity implementation strategies for operational technology environments with clear understanding of the differences between IT and OT spaces.

• Create technical design documentation and write technical reports for both technical and management understanding.

• Stays informed about the current cybersecurity threats to the OT and ICS environment.

• Ability to travel nationally or internationally. Some travel is expected for this position.

QUALIFICATIONS:

• Bachelor's Degree or equivalent work experience in Cybersecurity, Computer Science, Computer Engineering, Electrical Engineering, Information Systems Security or equivalent.

• ICS-related certification (i.e. SANS GICSP) or GSEC certification required.

• US citizenship required.

• Demonstrates knowledge of applicable cybersecurity standards involving control systems, including those relating to process (ICS) networks.

• Background in design of cybersecurity systems required. Military FRCS cybersecurity background preferred.

• Familiar with NIST SP 800 series framework preferred.

COMPETENCIES:

Direction

• Demonstrates willingness to take on responsibilities and challenges; fulfills obligations reliably and dependably.

• Determines how a system should work and how changes in the conditions and operations will affect outcomes.

• Identifies indicators of system performance and actions needed to improve performance relative to the goals.

• Attention to Detail

• Thorough when performing work and conscientious about details.

Collaboration

• Listens actively to understand what people say, asks questions, and speaks to convey information effectively.

• Effective Communication

• Expresses information to individuals or groups effectively, considering the audience and nature of the information (for example, technical or sensitive).

• Coordinates work with others, adjusting actions in relation to others' actions; reconciles differences when needed.

• Works with clients to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Innovation

• Identifies complex problems and reviews related information to develop options and implement solutions.

• Uses logic and reasoning to identify strengths and weaknesses of alternative solutions or approaches to problems.

• Considers the relative costs and benefits of potential actions to choose the most appropriate ones.

Development

• Understands the implications of latest information for current and future problem-solving and decision-making.

• Teaches others about information security and provides resources to facilitate learning and security.

Expertise

• Thorough understanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry recognized certifications.

• General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved in both.

• General knowledge of the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls.

• Maintain a basic knowledge of current and emerging state-of-the-art computer and network systems technologies, architectures, and products.

• Demonstrates knowledge of control systems utilized by utilities, manufacturing, transportation, smart cities.

• Demonstrates knowledge of computers, technology, telecommunications, and communications.

• Review Control Correlation Identifiers and implement corrective measures to assure cybersecurity of control systems.

KEY PERFORMANCE INDICATORS

• Successful project implementation of cyber security systems and protocol design and review.

• Collaboration, communication, and relationship-building are key to the success of this role.

PHYSICAL DEMANDS:

• Typical physical demands associated with working in an office environment.

Click Here: A Great Place to Work

#LI-Remote