[ Back ] [ The Roadtechs Nuclear Job Board ] [ Help ] [Edit ] [Mark Position Closed ]
ICS Cyber Security Senior Engineer / Administrator
12 months with possible extension
Location: Waynesboro GA
*This position will be filled as OT/IT Cyber Security Senior Engineer/Administrator depending on experience & education*
In this position, the Industrial Control Systems (ICS) Cyber Security Engineer / Administrator can expect to be responsible for assisting in the evaluation and implementation of network architecture and cyber security services and technologies at the Vogtle Power Plant in Waynesboro, Georgia. The individual in this position will work as a member of the Cyber Security group and will be responsible for a variety of functions utilizing their understanding of cyber security practices and technologies. The candidate should have a thorough background and experience in information assurance/cyber security application to ICS, technical security audit, and general information technology & networking.
An ideal candidate for this position would be expected to provide technical advice and leadership in the realm of cyber security and have comprehensive knowledge of several areas of specialization within the cyber security discipline and industrial control systems architecture. Candidates in this position are directly responsible for providing technical leadership for engineering design, build, configuration, and testing of security systems and industrial control networks.
Contribute to project team efforts as the network architecture/cyber security engineer both in the office onsite and at nuclear power generation sites
Conduct moderately complex network architecture & cyber security analysis, product installation and configuration, site acceptance testing, and troubleshooting
Create asset lists including software and firmware details in support of Cyber security assessments
Provide network and system specification documentation deliverables to address cybersecurity vulnerabilities and the security controls necessary to mitigate the vulnerabilities to an acceptable level of risk.
Review technical documentation including product configuration/implementation guides, requirements traceability, test plans, test procedures, test reports, and user administration guides
Participate in information sharing with internal and external customers including the delivery of presentation material, technical training, and knowledge transfer
Identify and assist in the development of new business opportunities including input to project proposals and associated technical descriptions when bidding on new projects
Follow cyber security program policy and procedures
Perform system administration, network configuration, and virtual environment management (Windows Server and client system administration setup and support expertise, Cisco device support, Palo Alto support, and VMware ESXi management)
Participate in control systems master planning efforts focused on Ovation control system security including application of host-based security products from a centralized server and secure (hardened) configuration of system components
Network security including network firewalls, data diodes, security information & event management, network intrusion detection, deep packet capture / inspection
Work with customers onsite to complete documented changes on plant ICS equipment
Technical Bachelors Degree in Engineering (Electrical or Computer) or Computer Science, Information Sciences and Technology, Cyber Security / Information Assurance, or similar
Ability to be granted 10 CFR 73.56 Trustworthy and Reliable clearance for US Power Plant Entry.
Minimum of 3 years of professional experience (engineering, administration, and security of IT/OT)
Experience performing requirements management or security audit/assessments
Experience with common PLC, Scada, DCS platforms
Experience working in an industrial Operational Technology Environment
Knowledge of engineering principles and techniques
Knowledge in areas such as network design and hardening
Windows Domain setup expertise specifically working within Active Directory, Group Policies, SysInternals, and Auditpol
Experience with security control frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical Controls, ISO 27002, NEI 08-09, and CIS
High level of experience in troubleshooting system integration issues, and working with cyber security, network, and virtualization technologies to implement comprehensive solutions
Experience in industrial environments or industrial control systems a plus
At least one of the following security certifications from a nationally recognized organization is preferred but not required.
GIAC Security Essentials Certification (GSEC), CompTIA Security+ or equivalent
GIAC Systems and Network Auditor (GSNA), ISACA Certified Information Systems Auditor (CISA) or equivalent
Cisco Certified Network Associate: Routing and Switching (CCNAX)
ISC2 Certified Information Systems Security Professional (CISSP)
Other related technical certifications showing areas of expertise from qualified and reputable vendors and certification agencies
Empyrean Services is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status or any other protected status.