Internet Storm Center

Job Description

At Algonquin-Liberty, we hire passionate people who care about doing the right thing for our customers. We are entrepreneurial, creative, and outcome-focused. Here, your natural talent and achievements will flourish in an inclusive environment of teamwork, trust and continuous learning. We are always pursuing excellence to exceed our ambitions goals, rewarding both the goal outcome and how we achieve it.

Purpose


The Engineer, Cybersecurity (OT) develops, implements, and maintains the organization's corporate security posture. This includes implementing and maintaining security controls, conducting risk assessments, and responding to cybersecurity incidents. The Engineer, Cybersecurity is the subject matter expert providing support across the enterprise for the successful delivery of projects. Additionally, the Cybersecurity, Engineer ensures that security technologies are properly tuned, implemented, maintained, and engineered to successfully defend the enterprise. The Engineer, Cybersecurity will also be accountable for staying up to date on the latest security threats and trends, and for developing and implementing strategies to mitigate them.


Accountabilities


Provide security requirements into the design and ensure appropriate implementation of security controls for a variety of OT environments
Conduct security assessments of OT systems and networks to identify vulnerabilities and potential threats.
Monitor and continually engineer improvements to the organization's security posture and respond to cybersecurity incidents in collaboration with the Security Operations team, OT Infrastructure teams, and other key stakeholders.
Stay up-to-date on the latest OT security threats and trends, and share your knowledge with others.
Collaborate with other departments to ensure that cybersecurity considerations are integrated into business processes
Operate as the cybersecurity subject matter expert for projects identifying security requirements, assessing risks, and recommending controls
Design, implement, and maintain security controls for OT systems
Configure and manage security appliances and systems for OT environments.
Provide technical guidance and support to OT teams on security best practices.
Participate in cross-functional teams to develop and implement overall cybersecurity strategy.
Document security procedures and processes.

Education and Experience


B.S. Degree or equivalent technical experience
Relevant security certifications is an asset (i.e., GCIA, GCIH, GSOC, Security+, CISSP, etc.)
Minimum 5 years of experience in the technology space fulfilling cybersecurity functions with at least 2 years of experience in OT cybersecurity roles
Strong understanding of operational technologies (e.g., SCADA, DCS, PLC).
Fundamental understanding of the Purdue Reference Model for Industrial Control System (ICS) cybersecurity
Fundamental understanding of industrial protocols and interoperability; CIP, DNP3, Ethernet/IP, OPC-UA, MODBUS, MQTT, Modbus
Experience with OT security assessments, vulnerability management, and incident response.
Excellent internal/external stakeholder management skills
Ability to multi-task and work in agile, fast-changing and fast-growing environments
Excellent verbal and written communication skills, teamwork skills, and an engaging personality; a proven ability to effectively interface with a diverse range of roles at all levels
Expert knowledge of a wide range of technical environments, including cloud, automation, active directory, and networking
Understanding of cybersecurity risks and vulnerabilities
Knowledge of cybersecurity best practices and standards (e.g. ISO 27001, NIST Cybersecurity Framework)
Knowledge of security protocols and technologies (e.g. SSL, HTTPS, VPN)
Experience with risk assessment and management
Strong problem-solving and analytical skills
Familiarity with programming languages and frameworks (e.g. Python, Java, .NET)
Knowledge of compliance requirements (e.g. NERC CIP)