OT Cybersecurity Engineer

Brief Job Description:

• Deploy and maintain network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, IPS etc.), and virtualization solutions.
• Deploy and monitor security hardening and follow configuration procedures.
• Create detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, POC, mitigation, etc.) as needed to support projects.
• Manage ICS hardware & software assets inventory and assess assets for security vulnerabilities, obsolescence, and other risks.
• Participate in the change management process.
• Conduct regular vulnerability assessments & patch management.
• Participate in asset commissioning & decommissioning activities as well as provisioning and de-provisioning of OT systems access.
• Review administrative, technical, and physical security controls and provide recommendations to mitigate the identified security risks.
• Ensure compliance and adherence to the organization and government’s cyber security controls.
• Participate in ICS projects and changes to ensure proper implementation of cyber security requirements.
• Perform daily administrative tasks, reporting, and communication with the relevant departments in the organization.
• Define system security context, concept of operations, and baseline requirements in line with applicable cybersecurity policies.
• Participate in OT security incident response and investigations.
• Provide periodic reporting on information security issues.

Education:

• Bachelor’s Degree in Computer Engineering or any related field.
• GIAC certifications (e.g. GICSP, GRID, Critical Infrastructure Protection)
• ISA/IEC 62443 Cybersecurity Certificates
• Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)

Experience:

• 5 years of experience in OT cybersecurity or a relevant field.

Skills & Competencies:

• Deep knowledge of IT systems (x86/64 architecture / assembler (ARM and/or MIPS would be an advantage), Windows and Linux internals, popular file systems and executable file formats).
• Knowledge of network components, their operation, and appropriate network security controls and methods, along with understanding of risk assessment, mitigation, and management methods.
• Familiarity with national cybersecurity regulations and requirements relevant to the organization and relevant legislative and regulatory requirements.
• Understanding of OT Protocols including VNet IP, ModBus, and Standard OPC protocols.