Industrial Cybersecurity Consultant

Job Title: Industrial Cybersecurity Consultant
Location: Amarillo, TX OR Kansas City, MO
Job type and Duration: Contract
Our client, a global Architecture and Design Firm, is looking to hire an Industrial Cybersecurity Consultant to join their IT Consulting team in Amarillo, TX OR Kansas City MO.
The Industrial Cybersecurity Consultant will support cybersecurity programs at client sites across North America utilizing the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), NIST 800-53, NIST 800-82, DFARS, and other key industry best practices and standards.
Job Duties:
* Execute the planning, design, development, and implementation of technical controls, procedures, and policies associated with cybersecurity compliance and/or regulatory standards.
* Maintain the highest level of integrity, protecting the confidentiality and security of all clients and project information.
* Identify and diagnose operational issues and implement design alterations to address these issues.
* Conduct vulnerability assessments of OT networks for cybersecurity, risk management, and/or compliance purposes.
* Pursue, obtain, and maintain industry-recognized certifications related to cybersecurity such as ethical hacking, penetration testing, network engineering, Industrial Control System (ICS), Supervisory Control and Data Acquisition (SCADA), risk management, and others, as necessary.
* Resolve technical issues, analyze implications to the clients business, and be able to communicate them with applicable stakeholders within the business.
* Develop policies & procedures for secure process control network design, technical and design recommendations for implementing firewalls, unidirectional gateways, and other network security controls.
* Compiles technical documentation of network traffic and firewalls services/solutions, including explanations and diagrams.
Requirements:
* Bachelors degree in a technical field, e.g., (Cybersecurity, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experience).
* Minimum 4 years of experience in industrial cybersecurity.
* Additional applicable years of experience may be considered instead of degree requirements.
* Advanced knowledge of security principles, firm knowledge of cybersecurity technologies, and industry-recognized certifications.
* Experience with security engineering principles, various cybersecurity assessment methodologies, security control implementation, validation, and system life-cycle practices.
* Experience in the capabilities and/or configuration of cybersecurity controls, specifically those relating to:
* Firewalls
* Identity and Access Control
* Authentication and authorization
* Anti-virus/anti-malware
* Patch management
* Network and system hardening, network architecture design, network data flow, network switch configuration (IOS and NXOS, SNMP Traps configuration, IP IGMP Snooping)
* System Integration
* System Administration, to include MS Windows Server 2016, MS AD, MS IIS, SSL Integration, MS SQL Server, Powershell)
* Test Engineering, includes Developing and Documenting Test Procedures, Performing component level testing, Performing system-wide testing, and Software Quality Assurance Testing
* Advanced knowledge of networks and control systems utilized by Federal, Military, Defense; etc., is preferred
* Strong written and oral communication skills
* Strong analytical and critical thinking skills
* Ability to operate under pressure and under tight deadlines, to operate onsite within industrial, corporate, and government work settings
* Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting
* Knowledge and/or experience with legacy and modern computer networking and telecommunications
* Experience with physical cabling for network communications and control system input/output
* Strong technical writing skills
* Ability to develop and maintain strong relationships with clients
* Ability to present complex technical issues and their impact in an easy-to-understand manner
* Ability to work remotely on the client site
* Knowledge and experience with corporate policies and procedures
* Knowledge and experience with NIST Risk Management Framework; NIST 800-53; DFARS; NIST Cybersecurity Framework; NIST SP800-82; CMMC highly desired
* Travel for site work is estimated to average 25-50% annually
The Ideal Candidate will also have the following preferred skills:
* Tenacious Problem solving
* Unselfish collaborator
* Intellectual curiosity
* Dedicated to continuous improvement
* Grit
* Consulting background
* PLC Configuration
* PLC Ladder Logic
* DoD and/or DoE Security clearances, or the ability to obtain them quickly
* Relevant industry certifications such as
* CISSP, CISM, CISA, CEH, GICSP, etc.
* Knowledge or experience with
* OT asset inventory w/ change detection solutions
* Vulnerability Management solutions
* Identity and Access Control solutions
* OT network & communications monitoring solutions
* Security, Orchestration, Automation & Response (SOAR) solutions
* Knowledge of the Purdue model for zones/segmentation ESPO Corporation
Leaders in Technical Recruiting & Staffing since 1965
We are an Equal Opportunity Employer and value the benefits of diversity in our workforce . All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity and expression, national origin, disability, protected Veteran status, or any other attribute or protected characteristic by law. If you need assistance applying please contact us directly.