Senior Cyber Security Analyst (SCADA and Industrial Controls)
The candidate will perform SCADA/Industrial Control Systems (ICS) information security subject matter expert duties.
Four (4) year degree in Information Systems, Computer Science or Cyber Security. Senior Cyber
Security Analyst must have a minimum of five (5) years of current experience in:
(i) ICS/SCADA Security
(ii) Information Security
(iii) Cyber Security Threat Hunting
(iv) Special Publication National Institute of Standards and Technology (NIST) 800 series
SKILLS, KNOWLEDGE AND ABILITIES
Must have experience conducting/implementing/managing Information Systems audits of ICS/SCADA security controls. Must possess strong written and verbal communication skills. Proficiency with all Microsoft (MS) Office programs is necessary, including familiarity with SharePoint. Assessing, designing, implementing, and supporting cyber security controls within the Authority’s industrial/train control environments. Conducting security assessments for Industrial Control Systems (ICS/SCADA). Designing and implementing various cyber security solutions in industrial environments. Strategic planning for the deployment of ICS technologies and program enhancements in a secure manner. Assisting with constructing and reviewing security policies and procedures. Assisting with the implementation of SCADA technologies to comply with ICS/SCADA security frameworks such as NIST-SP 800 series. Developing and initiating where feasible a comprehensive cybersecurity plan for train control, SCADA, enterprise and other critical operations and technology systems. Assist in development of cybersecurity plan for rail transit control systems. Identifying solutions to cybersecurity vulnerabilities identified in previous audit/Penetration Test (PENTEST). Strategizing, developing, and rolling out agency wide programs in cyber security training, configuration management, incident response and access control.
Designing and/or implementing Information Security solutions in an ICS/SCADA environment. Leading initiatives for re-architecting and re-engineering of controls to enhance the security posture of the Authority.
(ii) Certified SCADA Security Architect (CSSA) or other SCADA/ICS security certifications
(iii) Certified Ethical Hacker (CEH) or Incident Response Handler