Configure, test and monitor the ICS infrastructure for company. Support with the development and configuration of use cases. Provide subject matter advice on ICS cybersecurity. Roles: • Understand various industrial control systems and their purpose, application, function, and dependencies on network IP and industrial communications. • Work with control network infrastructure design (network architecture concepts, including topology, protocols, and components) and their relation to IEC 62443 and the Purdue Model. • Run Windows and Linux command line tools to analyze the system looking for high-risk items and basic scripting to automate the running of programs to perform continuous monitoring of various tools. • Operating Systems administration (system administration concepts for Unix/Linux and/or Windows operating systems). • Aware of ICS systems’ security lifecycle. • Better understand information assurance principles and tenets (confidentiality, integrity, availability, authentication, non-repudiation). • Support on incident response and handling. • Map different ICS technologies, attacks, and defenses to various cybersecurity standards.• Ensure that the logging and monitoring requirements of OT systems are determined, documented in policies and distributed to stakeholders. • Establish a process for performing real time log- correlation and integration with threat intelligence processes. • Ensure that encryption controls are applied for ICS laptops, removable media, USB drivers.• Monitor the use of approved removable media and ensure that unauthorized removal of media is detected and media related incidents are recorded, analysed and tracked. • Ensure that network defense controls are implemented on external network gateways and access points. • Ensure that web proxy are implemented to limit connections and access to websites. • Manage the network firewall operations through a centralized firewall rule/ request and approval process. • Establish a DMZ and install the firewalls between the DMZ and internal networks.• Ensure that network security scans are conducted in order to detect rogue devices. • Integrate the NAC solution with enterprise tools/ capabilities such as SIEM, DLP, network forensics and malware protection. • Review and update the NAC rules periodically. • Integrate the wireless network access points with IDS/IPS and NAC. • Configure wireless access on ICS machines to allow access to only authorized wireless networks.
Knowledge: • Network components, their operation and appropriate network security controls and methods. • Knowledge and understanding of risk assessment, mitigation and management methods. • Appropriate data backup and recovery methods and solutions, including testing.• Best practices for incident response and incident management. • Best practice network traffic analysis methods. • Network traffic protocols, methods and management. • Industry standard systems diagnostic tools and fault identification techniques. • The components of a network attack and their relationship to threats and vulnerabilities• Network security architecture concepts including topology, protocols, components, and principles. • Windows and Unix ports and services. • Intrusion detection and prevention system tools and applications. • Network protocols and directory services. • Software related IT security principles and methods. • Basic system, network and OS hardening techniques. • Test procedures, principles and methodologies relevant to developing and integrating cybersecurity capability. • Transmission technologies and jamming techniques that enable and prevent transmission of undesirable information or prevent installed systems from operating correctly and the laws relating to their usage. • Network traffic analysis tools, methodologies and processes. • Web filtering technologies. • Network technologies in IT and ICS/OT environments. • Supervisory control and data acquisition system components. • ICS operating environments and functions. • ICS network architectures and communication protocols. • ICS devices and industrial programming languages. • ICS threat landscape. • threats and vulnerabilities in ICS systems and environments.• intrusion detection methodologies and techniques for detecting ICS intrusions. Qualifications: • Bachelor’s degree in computer science, information technology, or any other engineering field. • 7-15+ years of experience with industrial control systems. • ICS410: ICS/SCADA Security Essentials. • ICS456: Essentials for NERC Critical Infrastructure Protection. • ICS515: ICS Active Defense and Incident Response.• ICS612: ICS Cybersecurity In-Depth. • GICSP, GCIP, GRID
We are a national group formed on the foundations of social responsibility and building the acquired value with hard work and quality of outputs that contribute to creating a fertile production environment for our esteemed customers so that they can present their work in accordance with standards of balanced performance that ensures continuity and reduces the expected risk. More