ICS Security Consultant (Remote)

FireEye, Washington, DC 20319

Posted 7 months ago

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.

Protect industrial networks and ICS/SCADA systems

Our Industrial Response Security Consultants combine industry-leading FireEye security technology and intelligence to deliver incident response, compromise assessments and threat modeling to clients within the Industrial Control Systems space.

The risk profile of control systems is continually changing as Operational Technology (OT) and IT networks become increasingly interconnected. The changing risk profile increases FireEye's need to assist clients in preventing, detecting, responding to, and recovering from cyber security incidents involving control systems. Our investigations expose threats targeting power plants, water, manufacturing systems, and other control systems. Our teams then develop innovative analytics for detection, support investigations, and incident response solutions.

Responsibilities:

  • Act as a subject matter expert (SME) on ICS matters to the larger consulting practice

  • Conduct log analysis, host and network forensics in support of incident response investigations

  • Work with IT and OT client staff to conduct a thorough investigation and implement an effective remediation strategy

  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied in current and future investigations

  • Hunt for active threats and malicious activity within control systems and identify possible attack vectors

  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences

  • Conduct tabletop exercises based on firsthand knowledge of real-world attacks to help organizations better prepare for future attacks

  • Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel

Requirements:

  • Excellent verbal and written communication skills

  • Hands-on experience in log analysis, host and network forensics

  • Hands-on experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI and Distributed Control Systems (DCS)

  • Well-versed in various control frameworks, including IEC 62443, NERC CIP, and NIST

  • Fundamental understanding of IT and OT network communication protocols (for example, TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)

  • Familiarity with Unix and Windows operating systems and administrative tools

Additional Qualifications:

  • Willingness to travel up to 50%

  • Ability to successfully interface with both internal and external clients

  • Ability to document and explain technical details in a concise, understandable manner

  • Self-motivated and results focused; ability to strengthen the team and its mission

  • Global Industrial Cybersecurity Professional (GICSP), Certified SCADA Security Architect (CSSA), or Certified Information Systems Security Professional (CISSP) certification a plus

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.


