Share this Job

Project Lead

Date:  22-Nov-2022
Location:  Georgia
State:  Deca
Country:  US
Company:  LTTS

•Performing vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats (e.g., unsecure remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and providing recommendation to remediate the identified issues
•Helping to build an inventory of client’s hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks
•Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity framework
•Reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properly
•Building security policies, plans, procedures, and standards governing the security operations for ICS equipment and networks related to the ICS environments
•Researching and developing OT Cyber Resiliency solutions including developing and operationalizing OT/ICS SCADA cyber defense architectures,   
•Assessing network monitoring capabilities and identifying gaps if any
•Proposing tools and technologies that can improve traffic visibility and/or identifying security threats
•Supporting to build detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.)

Required Experience:
•A working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.) 
•Ability to perform vulnerability / penetration testing in ICS/OT environment, and/or threat hunting
•knowledge of IT and OT security best practices and understanding of the differences. 
•understanding of protocols common in ICS environments. 
•Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.)
•Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.)