Cybersecurity Analyst-OT

Cybersecurity Analyst

Unison Systems is looking for a Cybersecurity Analyst for our client in the civil engineering space. This person will join our Safety and Security team in Los Angeles, CA. The hiring manager is looking for someone who has exceptional communication skills and is able help with assessments, policies, procedures, plans, and gaps within the cybersecurity space. This end client is one of the nation's largest transportation agencies for bus and rail lines.

As a Security Analyst, you will perform a broad range of complex technical and professional work functions to analyze and protect IT and OT systems, network, and data across the enterprise. The role is technical and requires an in-depth understanding of information and cyber security technologies and functions. The role also requires an understanding of business goals/strategy and operational requirements in a fast-paced environment.

Candidates must have or be willing to obtain a CISSP or similar certificate within a year of employment. They are also required to be on site in downtown Los Angeles, CA five days per week.

Responsibilities:

• Supports security assessments of technology systems and recommends system changes to ensure adherence to standards, policy, guidelines, strategies, and security best business practices.
• Generating, gathering, and tracking security metrics, developing scorecards for the metrics, and communicating the results to leadership.
• Participates in planning sessions related to projects or new technologies to implement process improvement within the functional area.
• Builds relationships with engineers, stakeholders, and security champions, to incorporate security principles into engineering design and deployments.
• Regularly research and learn new tactics, techniques, and procedures (TTPs) in public and closed forums, and work with colleagues to assess risk and implement/validate controls.
• Basic understanding of ICS/SCADA cybersecurity controls and concerns.
• Understands the TCP/IP stack with prior hands-on expertise securing diverse LAN, WAN, VPN, and wireless environments for large organizations.
• Develops and updates technical documentation (network architecture text and diagrams, security plan controls, and risk assessment, etc.)
• Supports the evaluation and recommendation of hardware and software systems that provide security functions. Familiarity with and ability to investigate Intrusion Detection System (IDS) alerts Incident management, forensic investigation, response, and reporting.

Minimum Qualifications

• Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, Engineering, or related field plus 3+ years of relevant experience.
• 3+ years of Cyber Security experience in Operation Technology field and familiar with Homeland Security requirement for compliance.
• 3+ years of Cyber Security experience in working knowledge in Operation Technology (OT) network system including Remote Terminal Units (RTU), Programmable Logic Control (PLC), interface requirement of Traction Power Substation, Automatic Train Control Systems and various Rail Communication Systems.
• Experience working SCADA system network, Firewall configuration, local networking and Cable Transmission System (CTS).
• Must possess excellent customer service, strong communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated.
• Experience with industry standard information security technologies.
• Experience performing technical risk and vulnerability assessments.

Preferred Qualifications:

• Expertise in performing cybersecurity assessments, risk management, governance, and compliance management.
• Experience working within critical infrastructure systems, specifically rail transport experience would be a big plus.
• Knowledge of Payment Card Industry (PCI), American Public Transportation Association (APTA), International Electrotechnical Commision (IEC) 62443, National Institute of Standards (NIST), Center for Internet Security (CIS) or International Standards Organization (ISO) requirements.
• Working with U.S. Government agencies and having experience working with security requirements from DHS, CISA, and TSA.
• Experience with Palo Alto, pfSense, Darktrace, and Cisco security products a bonus.
• Professional security related certifications (e.g. Security+, CISSP, CISM, CCSP, GISP, etc.)
• CCTV experience.

Unison Systems Inc. is a full-service IT consulting firm that offers staffing, consulting, direct-hire recruiting and solutions delivery services. Core areas of service include: Software Engineering Data Management Project/Program Management Infrastructure & Support