Industrial Control Systems (ICS) Security Architect
This role will provide an innovative and comprehensive approach for complex business and technology initiatives pertaining to cyber security and smart grid environments utilizing cyber defense, enterprise risk management, information assurance and information security. This role will also assist with the identification and evaluation of holistic security gaps with a focus on infrastructure and the business applications layer. Additionally, this role will identify and integrate sound security controls for applications, systems, and processes for the organization.
PRIMARY DUTIES AND RESPONSIBILITIES
1. Support the Industrial Control System (inclusive of Distributed Control Systems (DCS), Electric and GAS SCADA and Smart-Grid) Security Architecture based on industry-specific security standards 20%
2. Participate in cyber security risk assessments of industrial control systems (ICS), to include all cyber assets, such as: Energy Management Systems (EMS), DCS, Human machine interfaces (HMIs), Programmable logic controllers (PLCs), Remote terminal units (RTUs), and Supervisory control and data acquisition (SCADA) 15%
3. Deploy internal ICS and Smart Grid security standards based on NERC CIP, NIST 800-82, ISA99, NISTIR 7628, and other industry-specific security standards 10%
4. Perform risk and vulnerability research, aiding in the development of the ICS security posture, in response to the evolving ICS threat landscape 10%
5. Support Smart Grid and SCADA/ICS Projects, Security Monitoring, Vulnerability Assessment, Penetration Testing, Cybersecurity Analysis, and NERC CIP audit readiness evaluations. 15%
6. Incorporation of ICS penetration and/or vulnerability testing reports into ICS risk register 10%
7. Mitigate and/or remediate deficiencies ensuring risks will be reduced to accepted levels prior to technology implementation 10%
8. Research and contribute to industry best practices 10%
Direct Supervision: N/A
Indirect Supervision: N/A
Key Internal: This position will engage multiple I.T. groups and business units, including Energy Supply, Energy Distribution, Energy Delivery, and GAS. Interactive engagement will require communication with include individual contributors, middle management and executive management.
Key External: This position will engage external contacts including vendors, contractors, regulatory agencies (ex: FRCC, NERC), industry associations, and other utility partners.
702 N Franklin St
From the same organization