CyberSecurity Strategist Industrial Control Systems - MAR

Description

The Industrial Control Systems Cybersecurity Strategist will be responsible for monitoring, detecting and responding to security incidents for assigned clients. This role involves the continuous analysis of security events, including assisting with the development of incident response procedures and the implementation of proactive measure to safeguard the clients digital assets.

• Conduct regular security audits and workload estimation for new clients.
• Oversee the development of security policies, processes, and procedures and required training.
• Create reports and other capabilities to support the needs of our clients.
• Lead and administer the SOC tools (SIEM, SOAR, IDS, EDR, etc.).
• Lead Threat Hunting requirements and reports.
• Notify SOC manager of all elevated incidents and keep appraised of progress.
• Work with client in remediation efforts.
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
• Formulate and report on information provided by Endpoint Detection and Response services.
• Collaborate with Incident Response efforts when responding to a potential incident.
• Review, present, and support reporting of KPI’s for clients.
• Lead and establish the tuning of sensors or systems.
• Review, present, collect, and research data about events in the SIEM.
• Triage, investigate, and resolve escalations of potential incidents.
• Build network diagrams and asset identification of new clients.
• Maintain communications with clients over the hotline and email.
• Manage monthly rotations of shifts, including weekends.
• Lead and support 24/7 Remote Client System Monitoring and Analysis.
• Present, collect, design, and implement data sources for inclusion into SIEM or SOAR.
• Identify, drive, and resolve events within the SIEM or SOAR for prioritization and elevation.
• Lead, approve, design, and implement SOAR within the SOC ecosystem.
• Oversee and audit work within a security operations ticketing system.
• Build, approve, and implement new signatures and correlated searches based on a variety of requirements.
• Leads and collaborates with the delivery team for the installation of sensors.
• Formulate and oversee playbooks, SOPs, templates, and workflows.
• Performs other duties as assigned.
• Complies with all policies and standards.
  
  

Qualifications

• Bachelor's Degree in Cybersecurity, Computer Science, Computer Engineering, Electrical Engineering, or a related technical field, and 3 years of relevant experience is required, OR Applicable years of experience may be considered instead of the degree requirement.
• Advanced understanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry-recognized certifications.
• Advanced knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved in both.
• Advanced knowledge of the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, access control, authentication, anti-virus/anti-malware, patching, and logging.
• Advanced knowledge of legacy, current, and emerging state-of-the-art computer and network systems technologies, architectures, and products.
• Advanced knowledge of applicable cybersecurity standards involving control systems, including those relating to process networks.
• Knowledge of physical cabling for network communications and control system Input/Output.
• Ability to obtain and maintain access to current and future client sites, including the ability to obtain and maintain applicable U.S. security clearances.
• Effective written and oral communication skills.
• Strong analytical and critical thinking skills.
• Ability to operate under pressure and under tight deadlines, to operate in on-site industrial, corporate, and government work.
• Demonstrated capability to make sound decisions based on good security practices and principles.
• Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting.
  
  

Compensation

$120,000.00-170,000.00 Yearly

The expected compensation range for this position is displayed in compliance with all local/state regulations. The expected compensation range for this position is based on a number of factors, including but not limited to: individual education, qualifications, prior work experience and work location. The total annual compensation package will consist of a base salary and eligibility to participate in our discretionary year-end incentive bonus program.

Benefits

Our extensive benefits package takes care of you so that you can focus on doing great work. From insurance and disability to time off and wellness programs, we provide the tools to meet your needs. As part of being 100% employee-owned, eligible employees participate in our Employee Stock Ownership Plan (ESOP) in addition to our 401(k) retirement program. For more information, please visit the Benefits & Wellness page.

This job posting will remain open a minimum of 72 hours and on an ongoing basis until filled.

EEO/Disabled/Veterans

Job Consulting

Primary Location US-VA-Norfolk

Other Locations US-MD-Baltimore

Schedule: Full-time

Travel: Yes, 5 % of the Time

About 1898 & Co. 1898 & Co. is a business, technology and security solutions consultancy where experience and foresight come together to unlock lasting advancements. We innovate today to fuel our clients’ future growth, catalyzing insights that drive smarter decisions, improve performance and maximize value. As part of Burns & McDonnell, we draw on more than 120 years of deep and broad experience in complex industries as we envision and enable the future for our clients.

Req ID: 260925

Job Hire Type Experienced #E98 N/A