Find your next opportunity.
OT/IT Cyber Security Engineer
Manassas Manassas, VA 20110 US
Our client is actively seeking a talented OT/IT Cyber Security Engineer located in Manassass, VA. This is a 6-month contract opportunity.
This role's primary responsibility and priorities are to improve the OT cyber security posture and work towards implementing a robust OT DR environment. This resource will also work with the NOVEC IT team to bring the best practices from IT to OT and vice versa.
- You'll assist multiple projects in supporting and maintaining technology solutions in the areas of Operational Technology (OT), including networking, servers, virtualization, and security technologies.
- Design and implement security architectures for OT systems. This includes developing secure network infrastructures, access control mechanisms, intrusion detection and prevention strategies, and other security controls to protect against cyber threats.
- Contribute towards developing the OT DR study, be responsible for implementing the recommendation from the DR study, and be accountable for testing and maintaining the OT environment, including OT DR.
- Designing and Implementing OT Security Measures: Protect OT systems, networks, and devices design by implementing security measures. This includes analyzing security logs, network traffic, and system behavior to detect potential security breaches. Deploy and manage security monitoring tools to continuously monitor the OT systems for any signs of malicious activities or anomalies. This involves assessing the security risks, identifying vulnerabilities, and developing and implementing appropriate security controls.
- Vulnerability Management: Performing regular vulnerability assessments and penetration testing to identify weaknesses in the OT systems. Working on remediation efforts to address any identified vulnerabilities and ensure that systems are patched and up to date.
- Security Policies and Standards: Development and enforcement of security policies and standards specific to the OT environment. This includes defining security baselines, access control policies, and security awareness training for personnel working with OT systems.
- Collaboration and Communication: Collaborating with cross-functional teams, such as IT teams, operations teams, and management, to ensure effective communication and coordination of cybersecurity initiatives. Providing guidance and recommendations to NOVEC stakeholders on cybersecurity best practices.
- Compliance and Regulations: Ensuring compliance, such as NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) NIST 800-53. (Security and privacy control information)
- Enhanced Incident Response and Recovery: Lead the incident response efforts in a cybersecurity incident or breach. Effectively investigate incidents, mitigate damages, and implement remediation measures to restore operations promptly. Collaborate with incident response teams and law enforcement (as needed) to reduce the impact of the incidents.
- Degree in Computer Science, Computer/Electrical Engineering, Information Technology, or other technical field
- 5-10 years of OT/IT experience
- Knowledge of and experience in security processes and organizational design.
- Experience with network analysis and penetration testing tools such as BackTrack, Metasploit, Rapid 7 Nexpose, NMAP, and/or Wireshark.
- Strong understanding of SCADA operation work relating to Critical Infrastructure (Water, Transportation, Power, Energy, Oil, and Gas)
- Strong interest in the field of cybersecurity in industrial control systems and the Internet of Things
- Knowledge of penetration testing, programming, networks, and operating system
- One or more of the following Professional Certifications:
- Cisco Certified Network Associate (CCNA, CCDA)
- Response and Industrial Defense (GRID)
- Certified Penetration Tester (GPEN)
- Security Leadership Certification (GSLC)
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.)
- Experience conducting risk assessments to identify vulnerabilities, threats, and potential impacts on the OT systems and infrastructure.
- Experience in developing and implementing incident response plans for OT systems. Establishing procedures to detect, respond to, and recover from security incidents, such as malware infections or unauthorized access.
- Experience deploying and managing security monitoring tools to continuously monitor the OT systems for any signs of malicious activities or anomalies. This includes analyzing security logs, network traffic, and system behavior to detect potential security breaches.
- Protection of Intellectual Property and Sensitive Data: Responsible for safeguarding OT valuable information from theft, sabotage, or unauthorized access, preserving the organization's competitive advantage, and protecting its assets.
Job Requisition # 37718
A reasonable estimate of the pay range for this role is $56.75 – $61.75 per hour.
The disclosed pay range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The compensation decisions are dependent on the facts and circumstances of each case, such as skills and experience levels.
Company – Staffing – 501 – 1000 employees
APC believes that the workplace should be fun and enjoyable. Join our team today and ignite your career!
APC is a professional services organization focused on engaging people and positively impacting lives. As professionals serving professionals, we take pride in providing our employees with the highest level of customer service and support, creating meaningful, fulfilling and rewarding experiences every day.
APC is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified individuals will receive consideration for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, genetics, or veteran status. #LI-LB1