Industrial Cybersecurity Consultant (Solution Architecture/R&D/Programming focus)

Burns & McDonnell
Raleigh, NC Full Time
POSTED ON 11/12/2021 CLOSED ON 11/25/2021

What are the responsibilities and job description for the Industrial Cybersecurity Consultant (Solution Architecture/R&D/Programming focus) position at Burns & McDonnell?

Description

The Industrial Cybersecurity Consultant will be a treasured member of the 1898 & Co. Security & Risk Consulting practice. The 1898 & Co. Security & Risk Consulting practice is a premier OT/ICS/SCADA cybersecurity consulting practice whose mission is to serve humanity by improving the safety, security, and reliability of the world’s critical infrastructure – improving risk management through resiliency, situational awareness, and preparedness. The Industrial Cybersecurity Consultant will be committed to will independently execute significant portions of projects addressing the security of Operational Technology (OT) systems consisting of Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Programmable Logic Controllers (PLC), Discrete Process Control (DPC) systems, etc.

The Industrial Cybersecurity Consultant supports the solution architecture and/or execution of projects consisting of a variety of assessments (e.g., GAP/Maturity, Vulnerability, Risk, Threat, Firewall, etc.); secure architecture, design, and implementation of OT networks, business outcome solution implementation, and operations, respond and recover related services (incident response planning, disaster recovery planning, business continuity planning). The Industrial Cybersecurity Consultant will support cybersecurity programs at client sites across North America utilizing the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), NIST 800-53, NIST SP800-82, NIST 800-30, ISA/IEC62443, and other key industry best practices and standards.

Job Duties:

  • Working with senior solution architects, standard new solution and service offerings for others within service delivery to execute.
  • Architecting and designing demo systems, solution kits, and client implementation plans.
  • Technical R&D for solutions, services, and partners.
  • Execute the planning, design, development, and implementation of technical controls, procedures, and policies associated with cybersecurity compliance and/or regulatory standards.
  • Maintain the highest level of integrity, protecting the confidentiality and security of all clients and project information.
  • Identify and diagnose operational issues and implement design alterations to address these issues.
  • Conduct vulnerability assessments of OT networks for cybersecurity, risk management, and/or compliance purposes.
  • Perform detailed, post-event analysis of unusual events, and direct needed procedure or process changes in response.
  • Pursue, obtain, and maintain industry-recognized certifications related to cybersecurity such as ethical hacking, penetration testing, network engineering, Industrial Control System (ICS), Supervisory Control and Data Acquisition (SCADA), risk management, and others, as necessary.
  • Resolve technical issues, analyze implications to the client’s business, and be able to communicate them with applicable stakeholders within the business.
  • Develop policies & procedures for secure process control network design, technical and design recommendations for implementing firewalls, unidirectional gateways, zero trust design, and other network security controls.
  • Compiles technical documentation of network traffic as well as firewalls services/solutions, including explanations and diagrams.
  • Work collaboratively with other groups and divisions inside of 1898 & Co. and Burns & McDonnell.
  • All other duties as assigned.

Qualifications

  • Bachelor’s degree in a technical field, e.g., (Cybersecurity, Industrial Cybersecurity, Cyber-Physical Systems, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experience).
  • Minimum 8 years of industrial cybersecurity experience for Consultant.
  • Additional applicable years of experience may be considered in lieu of degree requirements.
  • Advanced knowledge of security principles and firm knowledge of cybersecurity technologies, as well as industry-recognized certifications.
  • Experience in the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, identity, and access control, zero-trust security, authentication and authorization, anti-virus/anti-malware, patch management, network, and system hardening, SIEM implementation, and/or tuning, and logging.
  • Intermediate knowledge (2-3 years) of writing scalable code using the python programming language required.
  • Basic to advanced knowledge of linux required.
  • Experience with security engineering principles, various cybersecurity assessment methodologies, security control implementation, and validation, and system life-cycle practices.
  • Advanced knowledge of networks and control systems utilized by critical infrastructure sectors, is preferred.
  • Strong written and oral communication skills.
  • Strong analytical and critical thinking skills.
  • Ability to operate under pressure and under tight deadlines, to operate onsite within industrial, corporate, and government work settings.
  • Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting.
  • Knowledge and/or experience with legacy and modern computer networking and telecommunications.
  • Experience with physical cabling for network communications and control system input/output.
  • Strong technical writing skills
  • Ability to develop and maintain strong relationships with clients.
  • Ability to present complex technical issues and their impact in an easy-to-understand manner.
  • Knowledge and experience with corporate policies and procedures
  • Preferred: Some background, knowledge and experience with multiple of the following cybersecurity standards: NIST Risk Management Framework; NIST 800-53; NIST Cybersecurity Framework; NIST SP800-82; ISA/IEC62443.
  • Travel for site work is estimated to average between 25-50% annually.

The Ideal Candidate will also have the following preferred skills:

  • Soft skills –
  • Tenacious Problem solving
  • Unselfish collaborator
  • Intellectual curiosity
  • Dedicated to continuous improvement.
  • Grit
  • Consulting background
  • DoD and/or DoE Security clearances
  • Relevant industry certifications such as –
  • CISSP, CISM, CISA, CEH, GICSP, etc.
  • Bonus points for - ITIL certification, Prosci, or similar people change management certification.
  • Knowledge or experience with –
  • Security, Orchestration, Automation & Response (SOAR) solutions
  • OT asset inventory w/ change detection solutions
  • Vulnerability Management solutions
  • Identity and Access Control solutions
  • Zero Trust Security solutions
  • OT network & communications monitoring solutions
  • Knowledge of the Purdue model for zones/segmentation
  • Demonstratable name recognition in the OT / ICS / SCADA cybersecurity industry

EEO/Minorities/Females/Disabled/Veterans

Job Consulting

Primary Location US-MO-Kansas City

Other Locations US-VA-Richmond, US-NC-Raleigh, US-FL-Orlando, US-MD-Baltimore, US-GA-Atlanta, US-SC-Greenville, US-AZ-Phoenix, US-TX-Houston, US-CT-Wallingford, US-VA-Roanoke, US-CA-Brea, US-CA-San Diego, US-VA-Norfolk, US-NY-Manhattan, US-MN-Minneapolis/St Paul

Schedule: Full-time

Travel: Yes, 50 % of the Time

About 1898 & Co.

1898 & Co. is a business, technology and security solutions consultancy where experience and foresight come together to unlock lasting advancements. We innovate today to fuel our clients’ future growth, catalyzing insights that drive smarter decisions, improve performance and maximize value. As part of Burns & McDonnell, we draw on more than 120 years of deep and broad experience in complex industries as we envision and enable the future for our clients.

Burns & McDonnell is an Equal Opportunity Employer Minorities/Females/Disabled/Veterans

Req ID: 213774

\#LI-MG \#E98 N/A

Product/Custom Order Engineer Electrical
VIR Consultant LLC -
Youngsville, NC
Cybersecurity Architect
Synopsys Inc -
Durham, NC
Manager - Cybersecurity
Carpenter Technology USA -
Raleigh, NC

For Employer
Looking for Real-time Job Posting Salary Data?
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

Sign up to receive alerts about other jobs with skills like those required for the Industrial Cybersecurity Consultant (Solution Architecture/R&D/Programming focus).

Click the checkbox next to the jobs that you are interested in.

  • SAP Asap Methodology Skill

    • Income Estimation: $151,672 - $199,860
  • Bug/Defect Analysis Skill

    • Income Estimation: $73,937 - $105,550
    • Income Estimation: $80,266 - $90,539
This job has expired.
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Not the job you're looking for? Here are some other Industrial Cybersecurity Consultant (Solution Architecture/R&D/Programming focus) jobs in the Raleigh, NC area that may be a better fit.

Technical Specialist- Junior

Starcom Consultant, Raleigh, NC