Sr. ICS/OT Engineer - AES United States Bookmark Share Print 944 0 2

Listing Description

The AES Global Cyber Security team is looking for a Senior OT Cyber Security Engineer to join our Cyber Defense organization. The candidate will be responsible for the architecture and operations of cyber security technology and processes within OT environments spanning AES power generation, distribution, and transmission business.

The candidate should demonstrate the ability to design security architecture for ICS (Industrial Control System) and SCADA (Supervisory Control and Data Acquisition) OT (Operational Technology) systems and their integration with other OT and IT (Information Technology) systems from a cyber and networking perspective.

Responsibilities:

• Implement and operate a network security monitoring solution within OT networks to provide visibility on threats and vulnerabilities and integrate others into Cyber Defense solutions
• Partner with a broad group of stakeholders across the IT/Digital/OT teams to improve the process for threat management and vulnerabilities response within the OT environment
• Define and measure metrics to report on the health of the OT security program
• Be a subject matter expert and advocate for cyber security within OT environments
• Present and communicate to stakeholders including IT/Digital/OT executive leadership and business leaders regarding OT security issues  
• Partner in the identification of solutions to address security vulnerabilities in order to reduce risk to an acceptable level
• Perform analysis of telemetry from the OT network monitoring solution to analyze and respond to potential cyber threats
• Participate in information sharing with internal and external stakeholders for purposes of threat intelligence and best practice sharing

Required Skills / Experience: 

• 4+ years hands on experience within incident response, security operations center and/or cyber intelligence function
• 1+ years experience working with cyber security technology in Operational Technology (OT)   
• Ability to develop and communicate a strategic plan to executive leadership and discuss and execute details at a technical level with analysts and engineers
• Strong problem-solving skills
• Excellent verbal and written communication skills
• Information Systems, Computer Science Bachelor's degree OR equivalent experience
• Ability to obtain a TWIC card

Desired Skills

• Experience with OT network security monitoring solutions (ex. Forescout, Nozomi, Dragos)
• Networking experience: TCP/IP, OSI model, packet capture tools and analysis (tcpdump), and the Purdue model for OT segmentation
• GIAC (GCIH, GCIA, CGFA, GSNA, GRID, etc.) or CISSP or other cyber security certifications
• Experience with NERC CIP standards
• Practical hands-on experience with log analysis, alerts, and forensics artifacts for threat detection, incident response and hunting (Splunk, Helix, or other SIEM solutions)
• Experience with vulnerability management tools and processes
• Experience with network security technologies such as firewalls, IDS, proxy servers, etc. 
• Experience with a scripting language such as Python, PowerShell, etc.
• Knowledge of various operating system flavors including Windows and Linux
• Experience with security control frameworks such as NIST 800-53, 20 Critical Controls, ISO 27002, ISA/IEC 62443
• Ability to communicate in Spanish/Portuguese is a plus

AES is an Equal Opportunity Employer who is committed to building strength and delivering long-term sustainability through diversity and inclusion. Respecting all backgrounds, differences and perspectives enables us to improve the lives of our people, customers, suppliers, contractors, and the communities in which we live and work. All qualified applicants will receive consideration for employment without regard to sex, sexual orientation, gender, gender identity and/or expression, race, national origin, ethnicity, age, religion, marital status, physical or mental disability, pregnancy, childbirth, or related medical condition, military or veteran status, or any other characteristic protected under applicable law. E-Verify Notice: AES will provide the Social Security Administration (SSA) and if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.