DMI

Industrial Control System (ICS) Security Specialist III

Posted Date 3 months ago(9/19/2022 6:11 PM)
Job ID
2022-24297
Category
Security
Location
US-Remote

About DMI

DMI is a global professional services company that specializes in digital strategy, design, transformation, and support. More than your basic systems integrator or big-box advisor, we are a new breed of partner that blends human-centric consulting and design with agile engineering, delivery, and global scale. We believe that digital transformation is an end-to-endless evolutionary process that requires technology solutions and partners that meet organizations where they are. Consultants at the core, DMI has been delivering mission-critical, enterprise-grade solutions since 2002 for more than a hundred Fortune 1,000 enterprises, various state and local government agencies, and all fifteen U.S. federal departments. DMI has grown to 2,100+ employees globally and has been continually recognized by top industry analysts as well as a Top Workplace in the USA and Remote.

 

DMInc.com| Careers | Twitter | LinkedIn |Facebook 

About the Opportunity

Digital Management, LLC (DMI) is seeking a full time REMOTE Industrial Control System (ICS) Security Specialist III to support the ICS security team.

 

Duties and Responsibilities

  • Perform daily checks on outstanding project tasks keep the team updated with completed tasks and milestones accordingly.
  • Clarify issues or questions for customer team members and facilitate obtaining the necessary support to remove roadblocks.
  • Provide clarification to customer stakeholders questions to ensure successful assessment of implementation outcomes.
  • Provide feedback to management on performance and potential impeding progress
  • Provide technical guidance and mentoring to customer team members.
  • Assess and understand at a high-level organization mission, goals, and objectives and relate industrial control cyber security principles and requirements to the mission.
  • Translate and explain industrial control cyber security principles and technical security requirements to non-technical stakeholders to facilitate understanding implementation and maturity of management, operational, and technical security controls, based on organizational mission objectives outlined in industrial control security policies, directives, orders, and standards.
  • Identify and review body of evidence/artifacts required to support implementation of operational, and technical security controls i.e., Policies, plans, process, procedures, guidelines, standards, and system architecture, design, and configuration documents, service and change control tickets, logs, reports, formal and informal communication artifacts.
  • Communicate assessment/audit risk findings and mitigations to technical and non-technical stakeholders.
  • Monitor, and communicate to management task performance risks, issues, problems, and participate in the development and implementation of mitigations or provide assistance as needed.
  • Provide support developing and maintaining security assessment practice documentation i.e., policies, plans, processes, procedures, guidelines, standards, methodologies, report templates, questionnaire templates.
  • Assist in the design and development of security architectures for industrial control systems (ICS).
  • Assist in the development of standards in partnership with Engineering, Operational Technology (OT) Infrastructure Services, and Application Development.
  • Assist in the development and execution of strategies to increase ICS/OT knowledge throughout the ecosystem.
  • Implements initiatives designed to share knowledge across Security Platforms and/or Technology teams. Under the Leads supervision identifies, recommends, coordinates, deliver timely knowledge to support teams regarding technologies, processes, or tools.
  • Assist in conducting software system security analysis to ensure compliance with applicable government security standards and Presidential Directives.
  • Participates in reviewing and evaluating the development of cyber operations test designs.
  • Knowledge of a broad range of cyber test and evaluation knowledge crossing multiple cyber disciplines (e.g., information operations, command and control, cyber vulnerability analysis, cyber threat indications and warnings, etc.) to identify and extend cyber operational test practices and theories.
  • Assist in applying specialized knowledge of OT network attack, OT network defense, OT network warfare support, OT network operations, and related operations to support evaluation of cyberspace capabilities designed to accomplish OT network reconnaissance, surveillance, combat, training, and other assigned missions.
  • Assist in the documentation of analysis and test techniques for use in test design, planning, executing, and reporting of OT cyberspace operational test activities.
  • Knowledge of identifying, monitoring, analyzing, and reporting on OT Cyber intrusion methods and events.
  • Assist in leveraging OT Cybersecurity solutions to identify intrusion/attack paths and recommend detection and prevention, situational awareness of intrusions, incident response actions.
  • Participate in or support OT cyber test events conducted by customer.

Qualifications

Education and Years of Experience:  

  • At least Five (5) years of experience with industrial control systems (to include but not limited to SCADA, DCS, PLC, HMI).
  • At least two to three (2-3) years of hands-on experience performing security tasks on industrial control systems.
  • A degree from an accredited college or university with a major in Engineering, Computer Science, Information Systems, Cybersecurity, or related discipline.

Required Skills/Certifications: 

  • Excellent written and oral communication, and presentation skills
  • Ability to participate in facilitating security tasks, ensuring that technical requirements are communicated clearly to customer stakeholders.
  • Self-starter, able to assess, plan, assign, and monitor/execute OT security assessment project task ensuring successful closure.
  • Customer-oriented with excellent issue follow-through and resolution abilities.
  • Outstanding interpersonal skills, strong work ethic, and self-motivated.
  • Able to perform under guidance gap analysis and initiate process, procedure, methodology improvements.
  • Utilize under guidance tools and analytical skills to plan and execute tasks in an OT environment.
  • Knowledge of industrial control systems experience with the following security controls frameworks: NIST SP 800-53 Rev 4, NIST SP 800-82 Rev 2, IEC 62443, SANS 20 Critical Security Controls, CIS Controls (Basic, Foundational, and Organizational), COBIT 5, NERC CIP, HITRUST Common Security Framework, ISO 27001/2, SOC 1/SOC 2
  • Knowledge of the Purdue Model.
  • Knowledge of the relevant laws and regulations: FISMA, HIPAA, HITECH, IRS, GDPR etc.
  • Knowledge of the following assessment frameworks/models: Data Management Maturity Model (DMM), Capability Maturity Model Integration (CMMI), NIST Cyber Security Framework (CSF), NIST Risk Management Framework (RMF), NIST Privacy Framework
  • Experience working with industrial control system security.

 

Desired Skills/Certifications: 

  • Comp TIA Security+, CISA, CRISC, or relevant industry security certifications
  • Knowledge in planning, managing and patching vulnerabilities from OT system scans
  • Knowledge with service-oriented architecture for industrial control systems.

Additional Requirement(s): 

  • Should have lived in US for at-least 3 years.

 

Physical Requirement(s): No Physical requirement needed for this position

 

Min. Citizenship Status Required: US Citizen

Location: Remote (United States)

 

Working at DMI

DMI is a diverse, prosperous and rewarding place to work. Being part of the DMI family means we care about your wellbeing. As such, we offer a variety of perks and benefits that help met various interests and needs, while still having the opportunity to work directly with a number of our award winning, Fortune 1000 clients. The following categories make up your DMI wellbeing:

  • Community – Blood drives, volunteering opportunities, Holiday parties, summer picnics, Tech Chef, Octoberfest just to name a few ways DMI comes together as a community.
  • Convenience/Concierge - Virtual visits through health insurance, pet insurance, commuter benefits, discount tickets for movies, travel and many other items to provide convenience.
  • Development – Annual Performance management, continuing education and tuition assistance, internal job opportunities along with career enrichment and advancement to help each employee with their professional and personal development.
  • Financial – Generous 401k match for both pre-tax and post-tax (ROTH) contributions along with financial wellness education, EAP, Life Insurance and Disability help provide financial stability for each DMI employee.
  • Recognition – Great achievements do not go unnoticed by DMI through Annual Awards ceremony, service anniversaries, peer-to-peer acknowledgement through Give-A-Wow, employee referral bonuses.
  • Wellness – Healthcare benefits, Wellness programs, Flu Shots, Biometric screenings, on-site lactation rooms provide employees with several wellness options. 

Employees are valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.  The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veterans/Disability. DMI maintains a drug-free workplace.

 

***************** No Agencies Please *****************

 

Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

 

#LI-CA1

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.