Desired Skills and Experience

  • Coordinate issues with Customer technical staff
  • Hands-on experience with the following: vulnerability scanning, firewall, penetration testing, Incident Response, Incident Handling and reporting to all levels of management.
  • Strong experience with SIEM tools to include QRadar installation and configuration
  • SIEM Vulnerability Assessments, CIP Compliance, Network engineering, NIST, COBIT, ISO 27000 series.
  • Provide experience-based knowledge and serve as first point of escalation for security related events/issues.
  • Interface and maintain effective communication with IT members of the supported environment
  • Technical Troubleshooting. Investigate system processes, maintenance, and operational problems and initiate corrective action.
  • Response to Tier 3 problem / incident reports.
  • Self-Manage Workflow. Manage assigned tasks and resources to ensure successful completion.
  • Mentor junior staff by providing cross training opportunities to build team expertise.
  • Maintain technical certifications and knowledge of all current techniques, applicable standards and regulations
  • Hands-on experience with Windows, UNIX, and Linux operating systems.
  • Experience and knowledge of hardening systems.
  • Knowledge of network communications systems and equipment.
  • Practical experience in at least one common scripting language (e.g. Python, Perl, VBS).
  • Practical knowledge of risk management principles.
  • Understanding of SCADA environment cyber security protection and anomaly detection schemes
  • Understanding of SCADA protocols (e.g. DNP3, L&G 8979, Modbus)
  • Must have 8+ years operational experience with securing and monitoring multiple platform and network configurations and implementations.
  • Experience with substation integration system networks and protocols
  • Experience with Industrial Control Systems and/or safety critical systems
  • Familiarity with power system protection and control principles
  • Broad knowledge of IT Security and general systems infrastructure experience to include:

  • Experience with log correlation tools
  • Experience with packet analysis tools
  • Solid understanding of the TCP/IP protocol suite, security architecture, and security techniques/products.
  • Experience with various security management tools (Vulnerability Management, Configuration Management, SIEM, etc.)
  • Ability to analyze captured data to perform incident response and identify potential compromises to customer networks
  • A. or B.S. in Computer Science or related field
  • Certified Information Systems Security Professional (CISSP) – (ISC)2
  • GIAC Certified Incident Handler (GCIH) – SANS
  • Certified Hacker Forensic Investigator (CHFI) - EC-Council