Cyber Security Engineer Consultant (NERC, CIP)

11 - 15 years experience  •  IT Consulting/Services

Salary depends on experience
Posted on 11/15/17
Scranton, PA
11 - 15 years experience
IT Consulting/Services
Salary depends on experience
Posted on 11/15/17

A General Description: Our client requires a computer engineer/computertechnician to serve as an engineer/technician in thecybersecurity program. What person is to do:

  1. Cyber Incident Response for Kiosk Detections and PMD Detections per Procedure
    1. Conduct Triage on Detections
    2. Use Common Malware Analysis Tools to Determine Maliciousness
    3. Determine Impacts of Malware on Process
    4. Write up Malware Report (either false positives or actual events) in normal language
    5. Participate in Actual Events and Drills
  2. Cyber Vulnerability Review
    1. Monitor Lists and Boards for Cyber Security Vulnerabilities
    2. Initiate Actions if necessary to Evaluate here
    3. Evaluate Vulnerabilities Per NSEP-QA-511 and LS-115
    4. Determine Actions to Mitigate Vulnerabilities with input from SSES Personnel
  3. CSAT Support - Questions as required by CSAT, generally on how industrial systems and protocols work
  4. PMDNetworkSupport
    1. Anti-Virus, NetworkSwitches, Signature Updates per procedure
    2. Investigate Problems with Equipment and Fix
    3. Ensure Improvements to PMD are Justifiable and Cost Effective
    4. Document PMD Network
  5. PMD Program Support
    1. Respond to Action Requests by SSES personnel
    2. Evaluate and Classify PMD per procedure
    3. Harden and Provision Laptops on Request
    4. Update Kiosk Definitions (I’m assuming Scotty will want to give this to anyone new)
    5. Monitor CYBERTRK Database for Issues
    6. Replace RFID Tags if they Die
    7. Update Program Documents on New Information or Regulatory Changes (require approval from SSES personnel)
  6. MOD Support
    1. Answer Questions as Required by Personnel
    2. Provide Technical Recommendations on Design and Implementation
  7. CyberSecurityEngineering
    1. Give input on Technical Security Solutions for Systems
    2. Tie all Technical Solutions back to NEI Program Requirements
    3. Determine Measures to Demonstrate Compliance
    4. Document Per Program Requirements

 SkillsRequired:

  1. NetworkKnowledge
    1. Basic – Networking Theory Classes, IP addressing, Subnetting, TCP/UDP details, use of tools like Wireshark and NMAP
    2. Advanced – Some Cisco Experience, knowledge of device hardening, Palo Alto Expertise, Firewall Theory (packet filtering, application layer monitoring, logging)
    3. Master – 10+ Years of Experience with Cisco, Palo Alto Certifications, Security Monitoring Experience involving Cisco and Palo Alto
  2. WindowsKnowledge
    1. Basic – Configuration of Local Policies (GPO and Security), Basic Computer Management (services, ports, installed software)
    2. Advanced – Some Knowledge of Domain Policies and Hierarchy, Prior Information Systems auditing experience
    3. Master – 10+ years of Experienceworking domain architecture…
  3. Industrial Control SystemSecurityKnowledge
    1. Basic – Insecure by design principles, Protocols used, Characteristics of systems
    2. Advanced –
    3. Master – 10+ years of Experience in ICS Security
  4. Regulatory Knowledge
    1. Basic – Knowledge of industry activities in ICS, some NERC CIP expertise
    2. Advanced – Prior NEI experience, including some 13-10
    3. Master – Led an NEI or NERC CIP effort
  5. Professional Skills
    1. Basic – Can communicate ideas effectively via email and in person, basic use of email and office apps
    2. Advanced – Can create work instructions to communicate technical steps to lesser qualified individuals, creates clear and concise drawings and procedures for others designs, identifies impacts of changes without prompting
    3. Master – Designs and implements technical solutions, along with creating means of effectively maintaining those solutions
Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.