Job Description

Job Title Senior ICS Security Consultant META

Description



Mandiant is looking for a motivated and experienced Industrial Control Systems Security Senior Consultant with great customer service skills to help clients assess, design, and strengthen their ICS/OT security capability and work to continually improve our own assessment methodologies. The successful candidate will possess strong consulting skills, be adept in leading multiple projects under tight deadlines, and possess in-depth domain expertise working with industrial control systems in a relevant industry such as Energy, Oil & Gas, Chemical, Transportation, Water/Wastewater, Telecommunications, or Manufacturing.

Responsibilities:
Individual Contributor to deliver, serve as project and engagement manager, and contribute on global security projects in the industrial controls and operational technology space.
Work with clients to assess cybersecurity controls appropriate for ICS/OT environments, evolve those architectures to a more defensible posture, and improve the ability to resist, detect, respond to, and contain attacks
Act as a subject matter expert (SME) on ICS/OT topics for the larger consulting practice
Evaluates client cybersecurity needs, coordinates designs for solutions, and clearly communicates solutions.
Uses formal project management skills in planning, tracking, and reporting on project progress
Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
Develop comprehensive and accurate reports and presentations for both technical and executive audiences; effectively communicate assessment findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
Qualifications
Excellent verbal and written communication skills
Basic knowledge of tools used in penetration testing, security event analysis, incident response, computer forensics, network and endpoint architecture, malware analysis or other areas of security operations
3+ years in experience in professional Operational Technology security domains
3+ years of hands-on experience in one, or more, of the following areas:
OT Cybersecurity Programs, Audit, Compliance, and Strategy
OT Penetration Testing / Ethical Hacking
Embedded Device / Iot / IIoT / Wireless Assessments at the Hardware, Firmware, and Software Levels
Incident Response including log analysis and host/network forensics
Knowledge of operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI and Distributed Control Systems (DCS)
Knowledge of IT and OT network communication protocols (For example: TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
Knowledge and understanding of various security control frameworks, including: IEC62443, NERC CIP, NIST
Familiarity with Linux and Windows operating systems and administrative tools.
Additional Qualifications:
Willingness to travel up to 50%
Ability to successfully interface with both internal and external clients
Ability to document and explain technical details in a concise, understandable manner
Self-motivated and results-focused; ability to strengthen the team and its mission
Global Industrial Cybersecurity Professional (GICSP), Certified SCADA Security Architect (CSSA), or Certified Information Systems Security Professional (CISSP) Certifications a plus
Experience with Industrial Wireless Communications, Software Defined Radio, and Embedded Device Testing a plus

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

.

You have applied correctly

A message has been sent to the employer, you are going to receive the reply soon. Good luck!

You have applied correctly

The request has been sent correctly. However, we have seen that your resume is incomplete. We highly recommend you to fill it to let the employer know you. These are the fields you have empty: