ICS - Cyber Security Solutions Architect

Overview

On Site
Full Time

Skills

ICS
Leadership
Process Engineering
Change Management
Operations Management
Security Operations
Auditing
Network Security
Reporting
Vulnerability Management
Documentation
Standard Operating Procedure
Technology Assessment
Information Security
Decision-making
Systems Design
Estimating
Risk Assessment
Incident Management
CISM
Information Technology
CISSP
GPEN
OSCP
Security Controls
NIST 800-53
NIST SP 800 Series
ISO/IEC 27001:2005
Team Leadership
Collaboration
Teamwork
Communication
Risk Analysis
Risk Management
People Skills
Supervision
Affinity Propagation
Network
Virtualization
VMware
System Administration
Cyber Security
Process Control
Management
Security Clearance
GSEC
Security+
Network+
Recruiting
Law
Regulatory Compliance

Job Details

Opportunity Overview for ICS Platform Administration Supervisor:

This Supervisor Engineer will be responsible to leadership and collaborate with the customer and Westinghouse stakeholders to define and convey the engineering process requirements for implementing upgrade projects. In addition, the Lead Engineer will participate in process development, change management, and management of a small team (3-5 people) to ensure that customer requirements are defined and satisfied.

What your day-to-day looks like:
Secure Operations Management: Enforce company policies and practices to ensure that all products and systems are compliant with cybersecurity standards. This is a hands-on role that actively participates in security operations.
IT Coordination: Collaborate with the Information Technology department to manage and enhance the secure development functions.
Security Risk Assessment: Provide input for security risk assessments and compliance audits, identifying potential information and network security vulnerabilities.
Operational Incident Handling: Manage the detection, response, mitigation, and reporting of incidents within the environment. This role is responsible for hands-on incident resolution and actively participating in the incident response process.
Vulnerability Management: Participate in the IT vulnerability management program by classifying vulnerabilities, providing remediation guidance, and working with the team to prioritize and address vulnerabilities.
Compliance and Policy Enforcement: Ensure compliance with relevant cybersecurity compliance regulations. Execute company policies to maintain compliance.
Documentation: Document standard operating procedures and guidelines. Develop, maintain, and publish standards to mitigate risk and influence user behaviors. Assist in reviewing and documenting exceptions to security standards.
Security Technology Evaluation: Investigate and recommend security technologies and solutions to support secure development functions.
Technical Guidance: Provide technical guidance and consultation related to information security issues. This is a hands-on role that actively contributes to the resolution of security challenges.
Process Performance: Actively participate in security processes and procedures, ensuring their effectiveness and efficiency.
Weekly Meetings: Be an active member of secure development meetings, providing updates, insights, and participating in the decision-making process.

Resolution of technical issues that arise during system design and implementation.
Interface with system end users and customers as required to support meeting project technical objectives.
Provide cost and schedule estimates as required.
Travel up to 50%, typically when deploying systems to the field for installation and commissioning

What we'd like to see from you:
Education:
Bachelor's degree in a relevant field or equivalent experience, coupled with high proficiency operating in Enterprise OT Security.
Proven experience in cybersecurity operations, risk assessment, and incident management, along with demonstrated supervisory experience.
Strong knowledge of cybersecurity best practices, compliance regulations, and industry standards.
Hands-on experience with security tools and technologies.
Excellent communication and teamwork skills.
Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
Minimum 5+ Years of managerial experience in Operational Technology / Information Technology with5* Years experience leading a large-scale cyber security program. typically, 10+
Ability to be granted 10 CFR 73.56 Trustworthy and Reliability Clearance for US Nuclear Plant Entry
Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing area of expertise from qualified and reputable vendors and certification agencies.
Experience with interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical controls, ISO 27001 & 27002, NEI-08-09, NEI 13-10 into Cybersecurity Program, Policy & Procedures.
Excellent team leadership, technical teamwork, written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
Strong risk analysis, risk management and proven experience in reducing risk to the organization.

Experience/Requirements:
At least 10 years of commercial nuclear industry experience is preferred or industry experience in a highly regulated industry with increasing levels of responsibility
Experience leading and directing medium to high complexity projects to successful completion.
Advanced people skills such as effective verbal and written communications, ability to lead and direct complex team structures, able to develop relationships with stakeholders in upper management positions, able to analyze problems, establish facts, and make complex decisions with little to no supervision.
Familiar with the AP1000 project, processes, and procedures.
Network Device Configuration Knowledge / Experience
Experience with virtualization technologies (VMware)
Has ability to establish effective networks across various functional areas and is able to drive and motivate a team to reach a common goal.
Knowledge and experience in I&C systems, specifically in system administration, cyber security, and process control systems.
Knowledge and experience in Ovation (Emerson) Platform are preferred but not required.
Experience with developing engineering deliverables
Experience with developing Engineering Processes and Procedures using formal commercial nuclear processes.
Demonstrated ability to solve complex problems.
Experience with communicating with and escalating to management personnel to gain results.
What we need to see from you:
Ability to be granted 10 CFR 73.56 Trustworthy and Reliable clearance

Certifications:
At least one of the following certifications is preferred but not required.
GIAC Security Essentials Certification (GSEC) or equivalent
Security+ Certification
Network+ Certification
Other related technical certifications showing areas of expertise from qualified and reputable vendors and certification agencies

Employment opportunities may require access to information which is subject to the export control regulations of the United States. Hiring decisions for such positions are required by law to be made in compliance with these regulations. Applicants for employment opportunities in other countries must be able to meet the comparable export control requirements of that country and of the United States.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.