logo

View all jobs

Sr. Associate IS Security Engineer

Tampa, FL
Top 3 Must Have Skill Sets:
  • Experience in OT security
  • Vulnerability management
  • General IS skills
  • IT system admin skills

Day to Day Responsibilities:
  • This differs from JP8015 as this is for vulnerability management vs IR
  • Please submit candidate at market rate for review!
  • Candidate will be remote until the site re opens then required to be on site
  • 2+ years experience with ICS systems - any industry will do, pharma/biotech ideal
  • Bachelors Degree Minimum, any field
  • Qualys, Siem, Antivirus, Fire Wall, ideal not mandator
  • The Senior Associate IS Security Engineer plays an integral role in information security for . The main responsibility is to support various capabilities within OT security like vulnerability management, cyber threat intelligence, and others. The Sr. Associate IS Security Engineer will work with various partners at in a manner aligned to values to define and implement information security services strategies, standards, tools and processes covering the areas of Operational Technology (OT)
  • This Sr. Associate IS Security Engineer will work with other teams like Security Operations on architecting, designing, and implementing technologies, processes, and other improvements in OT security management. This will also include participation in on-call activities.
  • The Sr. Associate IS Security Engineer will be a part of Threat & Vulnerability Management team and will be expected to contribute to and help deliver services and projects in other areas of information security.
  • The role will be part of the Threat & Vulnerability Management team responsible for delivering security services across globally. This position will focus on OT security services and technologies but will support Threat & Vulnerability Management. Areas of responsibility include:
  • Identify and evaluate gaps in ICS systems. Drive implementation to mitigate security exposure
  • Integrate, configure and conduct vulnerability management technologies for OT networks
  • Configure, conduct, understand, review vulnerability assessments and provide false positive validation focused on the OT/ICS/Manufacturing space
  • Coordinate with internal and external partners to remediate or mitigate security vulnerabilities
  • Use strong social skills to articulate vulnerabilities to technical and non-technical audiences
  • Assist in recommending and prioritizing remediation efforts within infrastructure and application teams
  • Handle tracking and remediation of vulnerabilities by using agreed-upon action plans and timelines with support teams
  • Developing automated and ad hoc reports of security metrics
  • Serve as an escalation point for all technical issues regarding vulnerabilities
  • Provide support and for the organization’s day-to-day counterintelligence program
  • Support Cyber Security Operations Center on security incidents including contributing to mock security incident exercises.
  • Build upon existing capability, recommending cutting-edge tools and procedures to detect threats and protect the firm’s intellectual property and assets
  • Maintain current workflows and develop new ones as needed
  • Implement and maintain API integrations between internal systems to provide enrichment and support workflows
  • Advise incident responders as they develop and coordinate response, containment and remediation capabilities as appropriate
  • Management of technologies and processes relating to assigned OT Security capabilities including issue identification and resolution, integration with other tools, documentation, gap assessment, gap resolution and continuous improvement of the service
  • Define, provide, and improve metrics on the assigned services including the use of appropriate applications and tools for reporting
  • Develop or participate in the development of business cases and presentations on information security technologies of interest
  • Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services
  • Develops, implements, and sustains operational scripts, data structures, libraries and programming code that optimize security in emergent compute patterns with diverse applications throughout the global environment.
  • Analyzes, designs, develops and operates programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context.
  • Collaborates multi-functionally with analysts, engineers, data scientists to deliver continuous improvement in cyber defense/resilience.
  • The Sr. Associate IS Security Engineer will also present project status reports to senior management, adhere to policies and practices relative to technical guidelines and change management processes, and may contribute to the development of new policies and practices by suggesting innovative ideas.
  • Minimum Qualifications:
  • Bachelor’s degree or higher-level education or work experience equivalent.
  • 1 year experience in Information Security and over 4 years of experience in Information Systems
  • 2 years exp with ICS systems and ICS security industry practices along with exposure to OT
  • 2 years exp supporting PLC, DCS, HMI, or SCADA systems.
  • Excellent written and verbal communication skills
  • Passionate, collaborative and results oriented
  • Clear understanding of and ability to manage cognitive biases
  • Ability to relate same to development of information and intelligence reports
  • Detailed knowledge of Windows and/or Linux systems and associated scripting languages
  • Entry level security certification (CompTIA Security+, Microsoft MTA Security, ISACA CSX, GISF, SSCP)
  • Demonstrated experience working with any of the following:
  • Security Information and Event Management
  • Vulnerability Management
  • Endpoint Security
  • Web Security
  • Incident Response
  • Detailed knowledge of Firewalls, Enterprise E-mail Systems and / or Incident Management.
  • Log analysis capabilities for various security systems or infrastructure devices
  • Attention to detail and focus on providing vetted information
  • Desired Qualifications:
  • Experience with industrial protocols such as OPC, Modbus, and BACNET, EthernetIP, Profinet, S7, Factorytalk, etc.
  • Experience with OT Security management solutions
  • Understanding of IEC 62443/ISA 99, GMP, Purdue Model
  • Experience in supporting solutions, a/v, firewall, iDS, alerting and monitoring in ICS environments
  • Experience with systems security engineering for SCADA, ICS, and IT-level systems
  • Experience with embedded systems
  • Working knowledge of global threats to international cyber security, and conversant in the tactics, techniques and procedures used by cyber adversaries
  • Experience with analytical problem solving and familiar with conducting operations relating to insider threat, counterintelligence investigations, and counterespionage.
  • Microsoft`s MCSA / MCSE certifications
  • Preferred Certifications (Any):
  • CEH, CISSP, GCIH, GPEN
  • GICSP, CCSA (SCADA certified) 

Summary
  • This differs from JP8015 as this is for vulnerability management vs IR
  • Please submit candidate at market rate for review!
  • Candidate will be remote until the site re opens then required to be on site
  • 2+ years experience with ICS systems - any industry will do, pharma/biotech ideal
  • Bachelors Degree Minimum, any field
  • Qualys, Siem, Antivirus, Fire Wall, ideal not mandatory
  •  
  • The Senior Associate IS Security Engineer plays an integral role in information security for . The main responsibility is to support various capabilities within OT security like vulnerability management, cyber threat intelligence, and others. The Sr. Associate IS Security Engineer will work with various partners at  in a manner aligned to values to define and implement information security services strategies, standards, tools and processes covering the areas of Operational Technology (OT)
  • This Sr. Associate IS Security Engineer will work with other teams like Security Operations on architecting, designing, and implementing technologies, processes, and other improvements in OT security management. This will also include participation in on-call activities.
  • The Sr. Associate IS Security Engineer will be a part of Threat & Vulnerability Management team and will be expected to contribute to and help deliver services and projects in other areas of information security.
  • The role will be part of the Threat & Vulnerability Management team responsible for delivering security services across globally. This position will focus on OT security services and technologies but will support Threat & Vulnerability Management. Areas of responsibility include:
  • Identify and evaluate gaps in ICS systems. Drive implementation to mitigate security exposure
  • Integrate, configure and conduct vulnerability management technologies for OT networks
  • Configure, conduct, understand, review vulnerability assessments and provide false positive validation focused on the OT/ICS/Manufacturing space
  • Coordinate with internal and external partners to remediate or mitigate security vulnerabilities
  • Use strong social skills to articulate vulnerabilities to technical and non-technical audiences
  • Assist in recommending and prioritizing remediation efforts within infrastructure and application teams
  • Handle tracking and remediation of vulnerabilities by using agreed-upon action plans and timelines with support teams
  • Developing automated and ad hoc reports of security metrics
  • Serve as an escalation point for all technical issues regarding vulnerabilities
  • Provide support and for the organization’s day-to-day counterintelligence program
  • Support Cyber Security Operations Center on security incidents including contributing to mock security incident exercises.
  • Build upon existing capability, recommending cutting-edge tools and procedures to detect threats and protect the firm’s intellectual property and assets
  • Maintain current workflows and develop new ones as needed
  • Implement and maintain API integrations between internal systems to provide enrichment and support workflows
  • Advise incident responders as they develop and coordinate response, containment and remediation capabilities as appropriate
  • Management of technologies and processes relating to assigned OT Security capabilities including issue identification and resolution, integration with other tools, documentation, gap assessment, gap resolution and continuous improvement of the service
  • Define, provide, and improve metrics on the assigned services including the use of appropriate applications and tools for reporting
  • Develop or participate in the development of business cases and presentations on information security technologies of interest to 
  • Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services
  • Develops, implements, and sustains operational scripts, data structures, libraries and programming code that optimize security in emergent compute patterns with diverse applications throughout the global environment.
  • Analyzes, designs, develops and operates programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context.
  • Collaborates multi-functionally with analysts, engineers, data scientists to deliver continuous improvement in cyber defense/resilience.
  • The Sr. Associate IS Security Engineer will also present project status reports to senior management, adhere to policies and practices relative to technical guidelines and change management processes, and may contribute to the development of new policies and practices by suggesting innovative ideas.
  • Minimum Qualifications:
  • Bachelor’s degree or higher-level education or work experience equivalent.
  • 1 year experience in Information Security and over 4 years of experience in Information Systems
  • 2 years exp with ICS systems and ICS security industry practices along with exposure to OT
  • 2 years exp supporting PLC, DCS, HMI, or SCADA systems.
  • Excellent written and verbal communication skills
  • Passionate, collaborative and results oriented
  • Clear understanding of and ability to manage cognitive biases
  • Ability to relate same to development of information and intelligence reports
  • Detailed knowledge of Windows and/or Linux systems and associated scripting languages
  • Entry level security certification (CompTIA Security+, Microsoft MTA Security, ISACA CSX, GISF, SSCP)
  • Demonstrated experience working with any of the following:
  • Security Information and Event Management
  • Vulnerability Management
  • Endpoint Security
  • Web Security
  • Incident Response
  • Detailed knowledge of Firewalls, Enterprise E-mail Systems and / or Incident Management.
  • Log analysis capabilities for various security systems or infrastructure devices
  • Attention to detail and focus on providing vetted information
  • Desired Qualifications:
  • Experience with industrial protocols such as OPC, Modbus, and BACNET, EthernetIP, Profinet, S7, Factorytalk, etc.
  • Experience with OT Security management solutions
  • Understanding of IEC 62443/ISA 99, GMP, Purdue Model
  • Experience in supporting solutions, a/v, firewall, iDS, alerting and monitoring in ICS environments
  • Experience with systems security engineering for SCADA, ICS, and IT-level systems
  • Experience with embedded systems
  • Working knowledge of global threats to international cyber security, and conversant in the tactics, techniques and procedures used by cyber adversaries
  • Experience with analytical problem solving and familiar with conducting operations relating to insider threat, counterintelligence investigations, and counterespionage.
  • Microsoft`s MCSA / MCSE certifications
  • Preferred Certifications (Any):
  • CEH, CISSP, GCIH, GPEN
  • GICSP, CCSA (SCADA certified) 
"This posting is for Contingent Worker, not an FTE"

More Openings

Associate Quality Control
Associate Scientist
CPMS CPAQ Associate

Share This Job

Powered by