Industrial Control System (ICS) Cyber Engineer

To apply, please email resume to: careers@stc-ntc-lsu.org

Location:  Baton Rouge, Louisiana.


Education Requirements:

Bachelor’s degree or equivalent; Master’s Degree is preferred.


Experience Requirements:

Eight or more years of Cybersecurity or Information Technology (IT) experience.


Direct experience related to operational technologies, such as Industrial Control Systems (ICSs), Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS).


Two or more years of experience with performing onsite Cybersecurity assessments using National Institute of Standards and Technology (NIST) Special Publication (SP) 800-82 and the Risk Management Framework (RMF) Cybersecurity Framework (CSF).


Experience with common Operational Technology (OT) and IT protocols, such as Modbus, DNP3, BACnet, DNS, HTTP, SMB, etc.


Knowledge of and experience working with IP network routing, switching and system protocols including TCP/IP, VLANs, UDP, Serial, USB, etc. 

 

Security Clearance Requirements:

Must be able to obtain and maintain a Department of Defense (DoD) Top Secret clearance.

 

Additional Requirements:

Due to U.S. Government regulations, this job is only open to U.S. Citizens.

 

Required Certifications:

Candidate must hold and maintain at least one of the following professional certifications: CISSP, CASP+CE, CISM, or GSLC. 


Additional  preferred certifications include: GICSP, ISA/IEC 62443 Cybersecurity Fundamentals Specialist, and ISA/IEC 62443 Risk Assessment Specialist.


Position Overview:

The qualified candidate’s primary responsibility will be to conduct cursory cyber site assessments of OT systems and mitigation support for STC clients in order to assess mission vulnerability to cyber events on the ICS infrastructure. This position will additionally be responsible for assisting in the development of facility testbeds and performing in-depth assessments to ensure mission critical functions maintain confidentiality, integrity, and availability.  The person selected for this role will provide support to improve the assessment of the risks introduced from ICS environments that are typically overlooked. The candidate will recommend solutions and provide expertise to assure more resiliency in these ICS environments.


Position Essential Functions:

  • Conducting risk assessments for client facilities that have a dependency on commercial energy, water, power, and other commercial infrastructure.
  • Developing Risk Assessment Protocols, following a systematic approach to:
  • Identifying the location and number of critical assets as well as mission dependencies for specified installations.
  • Conducting a cooperative vulnerability assessment in which a thorough evaluation of a system’s cyber vulnerabilities and implemented security controls will be performed.
  • Utilizing an active cyber threat to identify vulnerabilities and weaknesses in the organization’s Tactics, Techniques, and Procedures (TTPs). 
  • Evaluating a specific vendor’s system of systems, operational infrastructure, and OT software.
  • Developing Risk Matrices, mitigation strategies, and continuity plans for thwarting identified risks.
  • Developing TTPs that will be utilized to combat cyber threats as identified during assessments.
  • Assisting in the development of a comprehensive training program for cyber protection teams to deploy TTPs.
  • Conducting analytical assessments, prepare reports, and make recommendations to assist senior leaders in making informed decisions.


Position Additional Functions:

The selected candidate may also be called up to assist the team by:

  • Conducting research on various cybersecurity topics.
  • Assessing, troubleshooting, and configuring network equipment and environments.
  • Assessing network topologies, equipment, and environments for cybersecurity and operational issues.
  • Installing, configuring, testing, and maintaining networking/cybersecurity platforms and related equipment/systems.


Physical Demands:

Normal demands associated with an office environment.  Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face.  The position requires some light physical effort.  This would require the ability to lift or move objects up to ten pounds and occasionally lift or move objects up to 25 pounds.


Travel Demands:

A moderate level of travel is anticipated for this role, based on client and project needs. 


STC is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability status, protected veteran status, or any other characteristic protected by law.