Senior Cyber Security Analyst (SCADA and Industrial Controls)
The candidate will perform SCADA/Industrial Control Systems (ICS) information security subject matter expert duties.
- Four (4) year degree in Information Systems, Computer Science or Cyber Security.
- Senior Cyber Security Analyst must have a minimum of five (5) years of current experience in:
(i) ICS/SCADA Security
(ii) Information Security
(iii) Cyber Security Threat Hunting
(iv) Special Publication National Institute of Standards and Technology (NIST) 800 series
SKILLS, KNOWLEDGE AND ABILITIES
- Must have experience conducting/implementing/managing Information Systems audits of ICS/SCADA security controls.
- Must possess strong written and verbal communication skills.
- Proficiency with all Microsoft (MS) Office programs is necessary, including familiarity with SharePoint.
- Assessing, designing, implementing, and supporting cyber security controls within the Authority’s industrial/train control environments.
- Conducting security assessments for Industrial Control Systems (ICS/SCADA).
- Designing and implementing various cyber security solutions in industrial environments.
- Strategic planning for the deployment of ICS technologies and program enhancements in a secure manner.
- Assisting with constructing and reviewing security policies and procedures.
- Assisting with the implementation of SCADA technologies to comply with ICS/SCADA security frameworks such as NIST-SP 800 series.
- Developing and initiating where feasible a comprehensive cybersecurity plan for train control, SCADA, enterprise and other critical operations and technology systems.
- Assist in development of cybersecurity plan for rail transit control systems. Identifying solutions to cybersecurity vulnerabilities identified in previous audit/Penetration Test (PENTEST).
- Strategizing, developing, and rolling out agency wide programs in cyber security training, configuration management, incident response and access control.
- Designing and/or implementing Information Security solutions in an ICS/SCADA environment.
- Leading initiatives for re-architecting and re-engineering of controls to enhance the security posture of the Authority.
(ii) Certified SCADA Security Architect (CSSA) or other SCADA/ICS security certifications
(iii) Certified Ethical Hacker (CEH) or Incident Response Handler
Start Time: Spring 2021