NW Analyst & Security Analyst

Role Title : Network Analyst - Programmable Logic Controller

Hybrid, with some travel required

Main Accountabilities

• Day to day service delivery and operational support (L1 to L3)
• Provide technical Support to Service Desks and 3rd party suppliers for incidents, problems and changes related to in-scope environment.
• Manage day to day service delivery and operational support with 3rd party suppliers and consultants (vendor relationship management)
• Design, Document, implement and support IT Network & Security architecture and solutions complying to Information Security Policies and internal IT Directives
• Follow-up on IT Network & Services remediation plans
• Support projects and related activities as IT Network and / or Security subject matter expert.
• Analyze technology industry and market trends and determines potential impact upon the enterprise.
• Development of Standard Operating Procedures

Knowledge, Skills, and Experience

SD-WAN and WAN Op (Cisco Meraki, Riverbed SteelConnect Riverbed SteelHead)

Overview :

The Network & Security Analyst - PLC plays a crucial role in ensuring the security and reliability of Client's industrial control systems (ICS) and programmable logic controllers (PLCs). This individual demonstrates a high level of professionalism, prioritizing the protection of critical infrastructure and data. Responsibilities include :

o Designing, implementing, and maintaining network and security architectures for ICS and PLCs

o Conducting vulnerability assessments and penetration testing to identify and mitigate security risks

o Monitoring and analyzing network traffic to detect and respond to security incidents

o Developing and implementing security policies and procedures to ensure compliance with industry standards and regulations

o Collaborating with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security

Essential Functions :

Main Accountabilities :

o Network and Security Architecture : Design, implement, and maintain network and security architectures for ICS and PLCs, considering factors such as scalability, reliability, and security best practices.

o Vulnerability Assessment and Penetration Testing : Conduct vulnerability assessments and penetration testing to identify and mitigate security risks in ICS and PLC environments.

o Network Traffic Monitoring and Analysis : Monitor and analyze network traffic to detect and respond to security incidents, including unauthorized access attempts, malware infections, and denial-of-service attacks.

o Security Policy and Procedure Development : Develop and implement security policies and procedures to ensure compliance with industry standards and regulations, such as IEC 62443 and NERC CIP.

o Cross-Functional Collaboration : Collaborate with cross-functional teams, including operations, engineering, and IT, to ensure a comprehensive approach to security, considering operational requirements and technical constraints.

Impact / Dimensions :

o Strategic Impact : The Network & Security Analyst - PLC plays a critical role in protecting Client's critical infrastructure and data, ensuring the continuity of operations and minimizing the risk of financial and reputational damage.

o Annual Budget : Contributes to the overall cybersecurity budget, which is in the millions of dollars.

o Number of Employees Supervised : May supervise a team of junior security analysts or engineers.

Key Performance Indicators (KPIs) :

o Number of security incidents detected and resolved

o Percentage of successful vulnerability assessments and penetration tests

o Compliance with industry standards and regulations

o Mean time to detect and respond to security incidents

o Employee satisfaction with security awareness training

Major Opportunities and Decisions :

o Identifying and prioritizing security risks in ICS and PLC environments

o Balancing security requirements with operational needs

o Making recommendations for security investments and improvements

o Responding to and managing security incidents

o Staying up-to-date with the latest security trends and technologies

Management / Leadership :

o Demonstrates leadership in the area of network and security for ICS and PLCs

o Provides guidance and mentorship to junior security analysts or engineers

o Collaborates effectively with cross-functional teams to influence decisions and drive security initiatives

o Communicates effectively with technical and non-technical audiences about security risks and solutions

Key Relationships, Stakeholders & Interfaces (External & Internal) :

o Internal : Operations, engineering, IT, senior management

o External : Cybersecurity vendors, industry associations, regulatory bodies

Knowledge and Technical Competencies :

o Strong understanding of network and security concepts, protocols, and technologies

o Experience with ICS and PLC security, including IEC 62443 and NERC CIP

o Proficiency in vulnerability assessment and penetration testing tools and techniques

o Knowledge of security policies and procedures, risk management, and incident response

o Excellent communication and interpersonal skills

o Ability to work independently and as part of a team

Education / Experience :

o Bachelor's degree in computer science, information technology, or a related field

o 5 years of experience in network and security, with a focus on ICS and PLC security

o Experience with vulnerability assessment and penetration testing

o Certifications in security-related disciplines, such as CISSP, CISM, or CEH, are desirable