Operational Technology Consultant (OT Infrastructure)

Job description / Role

Configure, test and monitor the ICS infrastructure for company. Support with the development and configuration of use cases. Provide subject matter advice on ICS cybersecurity.

Roles:
• Understand various industrial control systems and their purpose, application, function, and dependencies on network IP and industrial communications.
• Work with control network infrastructure design (network architecture concepts, including topology, protocols, and components) and their relation to IEC 62443 and the Purdue Model.
• Run Windows and Linux command line tools to analyze the system looking for high-risk items and basic scripting to automate the running of programs to perform continuous monitoring of various tools.
• Operating Systems administration (system administration concepts for Unix/Linux and/or Windows operating systems).
• Aware of ICS systems' security lifecycle.
• Better understand information assurance principles and tenets (confidentiality, integrity, availability, authentication, non-repudiation).
• Support on incident response and handling.
• Map different ICS technologies, attacks, and defenses to various cybersecurity standards.
• Ensure that the logging and monitoring requirements of OT systems are determined, documented in policies and distributed to stakeholders.
• Establish a process for performing real time log- correlation and integration with threat intelligence processes.
• Ensure that encryption controls are applied for ICS laptops, removable media, USB drivers.
• Monitor the use of approved removable media and ensure that unauthorized removal of media is detected and media related incidents are recorded, analysed and tracked.
• Ensure that network defense controls are implemented on external network gateways and access points.
• Ensure that web proxy are implemented to limit connections and access to websites.
• Manage the network firewall operations through a centralized firewall rule/ request and approval process.
• Establish a DMZ and install the firewalls between the DMZ and internal networks.
• Ensure that network security scans are conducted in order to detect rogue devices.
• Integrate the NAC solution with enterprise tools/ capabilities such as SIEM, DLP, network forensics and malware protection.
• Review and update the NAC rules periodically.
• Integrate the wireless network access points with IDS/IPS and NAC.
• Configure wireless access on ICS machines to allow access to only authorized wireless networks.

Requirements

Knowledge:
• Network components, their operation and appropriate network security controls and methods.
• Knowledge and understanding of risk assessment, mitigation and management methods.
• Appropriate data backup and recovery methods and solutions, including testing.
• Best practices for incident response and incident management.
• Best practice network traffic analysis methods.
• Network traffic protocols, methods and management.
• Industry standard systems diagnostic tools and fault identification techniques.
• The components of a network attack and their relationship to threats and vulnerabilities
• Network security architecture concepts including topology, protocols, components, and principles.
• Windows and Unix ports and services.
• Intrusion detection and prevention system tools and applications.
• Network protocols and directory services.
• Software related IT security principles and methods.
• Basic system, network and OS hardening techniques.
• Test procedures, principles and methodologies relevant to developing and integrating cybersecurity capability.
• Transmission technologies and jamming techniques that enable and prevent transmission of undesirable information or prevent installed systems from operating correctly and the laws relating to their usage.
• Network traffic analysis tools, methodologies and processes.
• Web filtering technologies.
• Network technologies in IT and ICS/OT environments.
• Supervisory control and data acquisition system components.
• ICS operating environments and functions.
• ICS network architectures and communication protocols.
• ICS devices and industrial programming languages.
• ICS threat landscape.
• threats and vulnerabilities in ICS systems and environments.
• intrusion detection methodologies and techniques for detecting ICS intrusions.

Qualifications:
• Bachelor’s degree in computer science, information technology, or any other engineering field.
• 7-15+ years of experience with industrial control systems.
• ICS410: ICS/SCADA Security Essentials.
• ICS456: Essentials for NERC Critical Infrastructure Protection.
• ICS515: ICS Active Defense and Incident Response.
• ICS612: ICS Cybersecurity In-Depth.
• GICSP, GCIP, GRID

About the Company

We are a national group formed on the foundations of social responsibility and building the acquired value with hard work and quality of outputs that contribute to creating a fertile production environment for our esteemed customers so that they can present their work in accordance with standards of balanced performance that ensures continuity and reduces the expected risk.