Job Description Summary
Lead reviews, suggest architectural changes, conduct tests to ensure systems, controllers to meet Cyber security requirements. Collaborates with a team of controls and system engineers developing operational software for various subsystems. The position requires a clear understanding of OT System, cloud application architecture will be an added advantage and conversant with all Cyber security requirements.
Job Description
Essential Responsibilities:
This role requires strong cooperation with system and subsystem teams necessary for command and control of the systems involved. OT Cybersecurity Engineer should be comfortable making design decisions in a sometimes-uncertain context, crafting innovative solutions, and demonstrating rigorous and decisive leadership. Work with multiple teams in different location to deliver Cyber secure Projects, Control System, software to meet customer requirements.
As the OT Cybersecurity Engineer, you will:
· Collaborate with system and subsystem leads to define and develop top level software requirements, architecture and design.
· Facilitate decisions and bring teams together to design and document software architecture, modularity, and future- proofing.
· Support development of proofs-of-concept to prove out strategy and manage development and product risks Spearhead software design reviews and ensure software adherence to standards / architecture principles Champion testing and validation of critical architecture and interface requirements for real time controls system software as well as application tools.
· Own production of technical documentation for software architecture, design, verification plans.
· Guide and mentor software and development engineers.
· Contribute to multi-generation product and tool planning.
· Ensure all software developed is compliant to Cyber-security requirements.
· Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment
· Engage in incident response methods lead incident response processes related to product cyber
· Create and track meaningful metrics around product cyber risk and compensating controls
· Consult, architect on security requirements and utilize best practices to meet them
· Engage in application and domain-specific threat modeling and attack surface analysis/reduction
· Help prepare reports at appropriate levels of confidentiality for stakeholders to view
Qualifications / Requirements:
· Bachelor /master's degree in computer science or relevant engineering or equivalent knowledge / experience with 3-7 Years of Experience in OT and cybersecurity.
· Experience in Cyber security for controller, Systems in OT Space. Experience in Cloud architectures will be an added advantage.
· Familiar with penetration testing for controllers, Systems, Web software’s, CAPEC, Ethical hacking
· Familiar with fundamentals of cryptography
· Worked on Cyber security tools and solutions like Wireshark, NESSUS, Burp Suite, Nmap, Nozomi, Claroty, Splunk, Acronis, Ivanti, etc.
· Worked on active directory, certificate management and hardening w.r.t CIS benchmarks for critical assets like switches, windows-based workstation and controllers.
· Familiar with ISA/IEC 62443 standards and ABS guidelines.
· Familiar with threat modeling and risk assessment for OT products
· Familiar with firewall, SIEM, NIDS, HIDS configuration and deployment.
· Experienced in different phases of Software Development Life cycle (SDLC) including Design, Implementation and Testing during the development of software applications.
· Certifications like IEC 62443, CCNA, CEH, Security+, CISSP, GICSP, PNPT will be an added advantage.
Desired Characteristics:
· Experience in software development including system design, requirement gathering, software development and verification, build and release, documentation.
· Experience in build automation, continuous integration, configuration management, verification, deployment of software.
· Experience in database design and version control repository-based applications.
· Demonstrated track record of success with excellent technical written and verbal communication skills.
· Proven project management experience
· Builds and executes engineering processes for early detection of design flaws, vulnerabilities, weaknesses, missing security controls and secure implementation of security features.
Additional Information
Relocation Assistance Provided: Yes