Information Security Engineer: III (Senior)

Basic Qualifications: (required)

• 3-5 years of experience in cybersecurity.
• 1-3 years of experience in OT cybersecurity.
• Strong emphasis and proven expertise in cybersecurity principles, tools, and best practices.
• Familiarity with the Purdue Model of control hierarchy.
• Knowledgeable in OT technologies such as Schneider Electric, Honeywell, Rockwell, and other prominent vendors.
• Possess a strong drive to use security to enable the business and deliver a positive experience to other technology organizations across CLIENT.
• Passionate about security and inquisitive by nature, learning new things, and be comfortable making decisions in situations of uncertainty.

Preferred Qualifications: (desired)

• Bachelor’s degree or above in Computer Science, Information Security, or equivalent experience
• Preferred information security domain certifications such as Certified Information Security Support Professional (CISSP), GIAC Security Essentials (GSEC) or Security+ Certified Professional
• Knowledge in IT and OT architecture, design, and implementation of security technologies and controls.
• Demonstrable proficiency with OTSM tools, such as Dragos, Nozomi and Claroty.

An Employee in this role will:

• Prioritize the enhancement of cybersecurity measures, ensuring robust protection protocols across all OT environments.
• Lead vulnerability assessments, and risk mitigation strategies, aligning them with top-tier cybersecurity standards.
• Collaborate closely with IT and OT teams, ensuring secure, efficient, and seamless integrations and operations across all technological environments.
• Continuously monitor, identify, and respond to cybersecurity threats, maintaining the utmost integrity of OT infrastructures.
• Maintain proficiency in contemporary cybersecurity threats, trends, and technologies, applying this knowledge proactively to enhance organizational security.
• Provide essential mentorship within the team, nurturing a culture of continuous improvement and operational excellence in cybersecurity.
• Interface with end users, peers, other IT teams and leadership to provide education, status updates and recommend solutions for improved services and problem resolution.
• Perform security gap analysis, provide recommendations to resolve gaps and guide the development of business cases to identify and evaluates new products.
• Design, implement, and update technical control requirement models and methodologies to support security policy and standards.
• Stay up to date with existing and emerging security technologies that can be adopted at CLIENT.
• Cultivate, maintain, and promote a strong safety culture and follow all safety policies, procedures, and regulations. Identify and communicate workplace hazards and correct or seek assistance in correcting unsafe actions or conditions.