Listing Description
Our mission at Dragos is to protect the world’s most critical infrastructure from adversaries who wish to do it harm. We help defend industrial organizations that provide us with the tenets of modern civilization: running water, functioning electricity, and safe industrial working environments.
We are practitioners who have lived through and solved real security challenges. Our team members have responded to incidents including the Ukraine 2015 power grid attack, analyzed the CRASHOVERRIDE malware responsible for the Ukraine 2016 electric grid attack, analyzed the TRISIS malware responsible for the petrochemical facility attack in 2017, built and led the National Security Agency mission to identify nation-states breaking into ICS, and performed assessments on hundreds of assets around the world.
The Dragos Threat Operations team serves as boots-on-the-ground on solving industrial control system security challenges. We then bring that expertise back and integrate it into our software technology: The Dragos Platform. We're looking for hands-on industrial control system knowledge and demonstrated experience in penetration testing, red teaming, vulnerability assessments. Candidates will be working directly with US and international customers and directly contributing to R&D efforts.Serve as primary subject matter expert with customer to perform vulnerability assessments, penetration tests, and red teaming of their industrial environment; these engagements range to documentation review and gap analysis to active exploitation of customer owned hardware and software
Manage client engagements to include drafting Scope of Works, Rules of Engagement, and other supporting documentation
Responsible for final delivery of recommendations and findings document, including verbally presenting all findings and addressing customer questions and concerns
Turn insights from customer engagements into research and innovation projects to fuel Dragos technology. This includes packet capture and other data analysis to produce protocol dissectors, characterizations and other analytics
Turn insights from customer engagements into Dragos customer training program. This includes new content, new exercise material and the facilitation of our 5 day course
Support the larger community and represent Dragos leadership through outreach by producing unique content in the form of webinars, whitepapers, and conference presentations
Requirements
Willingness to be a team player on fast-moving team focused on rapidly innovating the state of industrial security
10+ years hands-on experience
Proven ability to safely perform vulnerability assessments and penetration tests of industrial environments including energy, petrochemical, or manufacturing verticals.
Hands on knowledge of industrial environments including PLC, RTU, instrumentation and the industrial processes they sustain
Well versed in various controls frameworks including IEC62443, NERC CIP, NIST
Knowledge of Windows, Linux and a variety of industrial software and hardware and various security tool sets
Ability to analyze and interact with network protocols
Excellent social, verbal and written communication skills; ability to both facilitate training and present complex analytical data to a variety of audiences and work effectively with customers
Ability to travel up to 50%, both domestic and international
Self -motivated and results focused; ability to strengthen the team and its mission
Dragos seeks passionate, hard-working, fun-loving, small-ego, big-brained people. Our tagline is “Safeguarding Civilization” not because we think highly of ourselves, but because the problems we are solving are critically important, today and in the years to come. We look for ICS experts across industries who are committed to growing global expertise in the space by training the next wave of future innovators and thought leaders.
We offer competitive salary, equity, full benefits (medical, dental, vision, disability, and life insurance-all 100% covered) and 6% match-401K.
Dragos is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce. Come join us!
Listing Details
- Citizenship: No Requirements
- Incentives: Stock Options
- Education: No Requirements
- Travel: Travel 50
- Telework: Full Telecommute