The Industrial Control Systems (ICS) Analyst is responsible for monitoring multiple security technologies using Juniper Network Security Manager and McAfee ePO to detect IT security incidents. The analyst will follow detailed operational processes and procedures to appropriately analyse, call out, and assist in remediation of critical information security incidents.
- Monitor security systems, including firewalls, Windows AD event logs, syslog, anti-virus, file integrity, and vulnerability scanners for security events.
- Evaluate and investigate detected security events to see if they represent significant security incidents and require some level of response.
- Suggest and work with the respective security team members to develop and refine additional monitoring content, processes and procedures.
- Maintain your knowledge of the functionality and technology of existing IT systems as well as:
  - ICS technologies
  - General view of the current state of security threats across the ICS environments as well as within a large multi-national corporation.
- Provide 24x7 operational support on a rotating shift schedule (includes overnight shifts).
Degree in Engineering, IT or Security or equivalent levels of experience.
Essential experience and job requirements
- Understanding of Automation System environments.
- Experience (years and nature)
- 3+ years of experience in network operations, network infrastructure or firewall management.
- A minimum of 2 years of Cyber Security experience or related discipline.
- Proficient in the operation of computer operating systems such as Windows (XP, 7, 2003, 2008, 2012) and Linux/UNIX.
- Deep understanding of network security architecture components (e.g. firewalls, VPNs, RSA SecurID) and management of these components.
- Experience in analysing intrusion events in a large enterprise environment.
- Awareness of the threat environment faced by a multi-national oil, gas, and petrochemical corporation.
- Learn, grasp, and understand new technologies.
- Willingness to acquire in-depth knowledge of network and host security technologies and products (such as firewalls, Network IDS, and scanners) and to continuously improve these skills.
- Be a self-starter that can multi-task and work within a team.
- Willingness to train and mentor other team members.
- Effective tracking and task reporting skills.
- Good written and oral communication skills.
Other Requirements (e.g. Travel, Location)
There are no additional requirements. Please respond with N/A below.
Desirable criteria & qualifications
- Experience with ICS, Process Control Networks and SCADA is highly desirable.
- Advanced experience with TCP and IP protocol suite, security architecture, and remote access security techniques and products desired.
- SANS GCIA Certified Intrusion Analyst training and/or certification.
- Alternative accreditation such as GICSP (Global Industrial Cyber Security Professional).
- BS Computer Science preferred, but not required.