ICT & Cyber Security Engineer

Job Description

To work with control system SMEs and operational staff to design, implement and support the security of ICS networked systems including but not limited to:

1. Security technologies such as firewall logs, IDS, endpoint security solutions, and access control systems.
2. Incident response and handling in an ICS environment which includes:
   1. Investigating computer and network intrusions.
   2. Remediation support.
   3. Performing comprehensive computer surveillance/monitoring.
   4. Identifying vulnerabilities.
   5. Developing secure network designs and protection strategies.
   6. Conducting audits of information security infrastructure.
3. Lead maintenance and administration efforts of internal ICS infrastructure with a strong understanding of ICS environments.
4. Support current and legacy computer technologies in the ICS environment. Operating systems may include Windows 95 through Windows 10 (and beyond) and various Linux operating systems.
5. Maintain the compliant cybersecurity ICS architecture of the plants as per local regulatory bodies.
6. Responsible for completion of the ICS DR recovery Plans, working with the local I&C team to populate and maintain the Plan as per corporate standards.
7. Actively manage and coordinate DR testing schedules, objectives, exercises, and reviews.
8. Collect and document information about current systems at each site including:
   1. Control applications.
   2. Hardware.
   3. Network and infrastructure and their dependencies.
9. Work with the NOMAC ICS local teams at each site to ensure that DR capabilities across the ICS environment will meet the Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
10. Ensure the plan is tested as per the schedule in the DRP.
11. Maintain compliance with corporate and national regulations regarding ICS cybersecurity.
12. Participate in ICS security incident response through all phases.
13. Consult on ICS security matters as needed, acting as a liaison between operations and corporate IT security teams.
14. Design, implement, and manage innovative solutions for ICS infrastructure environments.
15. Attend meetings at various locations (in different countries) either in person or remotely on short notice to participate and understand the ICS challenges requiring innovative and cost-effective solutions.
16. Assist the Monitoring & Prediction Centre (MPC) team to resolve ICS-related issues (including connectivity aspects) for various plants on a timely basis.

Requirements

1. A Bachelor’s degree in Electrical/Electronics, Mechatronics, Industrial Engineering, or related field.
2. 10+ years of experience in managing ICS systems (including security aspects) with a track record of successful accomplishments.
3. Minimum of 3 years previous experience working in ICS cybersecurity.
4. Minimum of 3 years previous experience developing and/or deploying mitigation techniques for defending networks including ICS patch management (like Windows, Unix, Linux, and other operating systems).
5. Experience with various DCS/PLC/SCADA systems including managing cybersecurity aspects is preferable.
6. In-depth understanding of operating systems, network/system architecture, and IT architecture design related to ICS.
7. Thorough understanding and extensive experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS) and the role of common system components.
8. Understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET) and ability to perform packet analysis.
9. Understanding of threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques.
10. Understanding of ICS design considerations with emphasis on human safety and the availability/security of operating environment; preparation, review, and maintenance of documents, policies, and standards governing the security operations for ICS equipment and networks.