Job Description
RESPONSIBILITIES
• Works closely and supporting team members, vendors, and customers
• Implements Department’s Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems
• Assists in the development and verification of documentation necessary to complete the Department’s RMF assessment and authorization process
• Conducts ICS/SCADA system inventories following Department’s guidance
• Conducts vulnerability scanning and document system vulnerabilities
• Supports ISO standardization and Quality inspections
• Participates in continuous improvement of organizational cybersecurity posture
QUALIFICATIONS
• 5 Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity
• Position requires an active TSC/SCI w poly clearance
• Ability to process and operate application software, to include word-processing, spreadsheets and databases.
• Documented training in the following areas: network infrastructure (Cisco), Microsoft Windows.
• Experience working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.).
• Strong written and verbal communication skills
• Ability to coordinate with and support multiple team members, vendors, and customers
• Ability to identify, maintain, and troubleshoot HMI components
• Ability to identify, maintain, and troubleshoot control network components
• Ability to interpret drawings both mechanical and electrical
• Ability to identify, maintain, and utilize SCADA systems and KPI's
• Working knowledge of EMS/SCADA or other operational control systems.
• Knowledge of SCADA protocols like Modbus, IEC 60870-5-101 or 104, IEC 61850 and DNP3 and other major SCADA protocols
• Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility
• Awareness of department’s Risk Management Framework (RMF) process.
• 5 years of experience working with industry and government agencies on the design of ICS platforms and integrated ICS systems, preferred
• Familiarity with various industry ICS products, preferred
• Experience implementing a variety of security assessment tools, preferred
• Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks, ACAS, Wireshark), preferred
• Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and/or Certified SCADA Security Architect (CSSA) Related Control Systems, preferred
• Works closely and supporting team members, vendors, and customers
• Implements Department’s Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems
• Assists in the development and verification of documentation necessary to complete the Department’s RMF assessment and authorization process
• Conducts ICS/SCADA system inventories following Department’s guidance
• Conducts vulnerability scanning and document system vulnerabilities
• Supports ISO standardization and Quality inspections
• Participates in continuous improvement of organizational cybersecurity posture
QUALIFICATIONS
• 5 Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity
• Position requires an active TSC/SCI w poly clearance
• Ability to process and operate application software, to include word-processing, spreadsheets and databases.
• Documented training in the following areas: network infrastructure (Cisco), Microsoft Windows.
• Experience working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.).
• Strong written and verbal communication skills
• Ability to coordinate with and support multiple team members, vendors, and customers
• Ability to identify, maintain, and troubleshoot HMI components
• Ability to identify, maintain, and troubleshoot control network components
• Ability to interpret drawings both mechanical and electrical
• Ability to identify, maintain, and utilize SCADA systems and KPI's
• Working knowledge of EMS/SCADA or other operational control systems.
• Knowledge of SCADA protocols like Modbus, IEC 60870-5-101 or 104, IEC 61850 and DNP3 and other major SCADA protocols
• Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility
• Awareness of department’s Risk Management Framework (RMF) process.
• 5 years of experience working with industry and government agencies on the design of ICS platforms and integrated ICS systems, preferred
• Familiarity with various industry ICS products, preferred
• Experience implementing a variety of security assessment tools, preferred
• Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks, ACAS, Wireshark), preferred
• Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and/or Certified SCADA Security Architect (CSSA) Related Control Systems, preferred
Additional Details
Experience: 5-10 years