  • Senior ICS Security Analyst

    Bechtel Group, Inc.

Description

Like hard problems? Got skillz? We are building a bleeding edge computer incident response capability in industrial control systems (ICS) for our global enterprise, and you can be a critical part of this creative, fast-paced, and exciting team. We are seeking cyber security operations specialists who have expertise in coding, malware analysis, network security monitoring and incident response.

The ideal candidates will have an open mind, bring a fresh perspective to the team and be passionate about cyber security, defending and supporting our missions.

As a Senior ICS Security Analyst, you will assist the team responsible for researching, developing, and implementing defenses for existing plants and affecting future design decisions to enable security in our one-of-a-kind ICS Cyber Laboratory. You will also work with a world-class team to defend Bechtel’s projects using enterprise forensics systems, log analysis systems, and network collection systems to facilitate response to incidents on a global scale. You will work with industry-respected malware, network and incident response analysts to coordinate a best-in-class response to computer-related incidents, getting a first-hand perspective of adversaries and their tactics.

Must be a US Citizen

Why Bechtel?
• Unparalleled mission
• Use of bleeding-edge tools and analysis techniques
• Opportunity to work with some of the best-in-the-industry Incident Response personnel
• Great learning environment. Continued learning is encouraged and supported
• Open research and conference presentations are encouraged
• Too many reasons to list here...

Basic Qualifications:
• 5+ years of experience in a security or incident operations role
• 2+ years of experience with live forensics tools such as EnCase Enterprise, Mandiant Response Tools, Google Rapid Response, or FTK Imager
• Bachelor's degree in Information Technology or 8 years of experience
• Must be a United States citizen


Responsibilities

  • Required Skills:
    • Strong analytical, documentation and communication skills
    • Experience with SIEM (Security Information and Event Management) tools such as ArcSight or Splunk
    • Understanding of network traffic tools, techniques and analysis
    • Understanding of host forensics tools, techniques and analysis
    • Understanding of malware reverse engineering tools, techniques and analysis
    • Understanding of IDS & IPS technologies, both signature and behavior based
    • Experience with Windows event log analysis
    • Excellent written and oral communication skills
    • Scripting/coding experience in a scripting or programming language (Python, C, JavaScript, etc.)
    • Experience creating and applying regular expressions
    • Knowledge of host forensics, malware reverse engineering, or network forensics
    • Experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS)
    • Versed in various controls frameworks, including: IEC62443, NERC CIP, NIST
    • Fundamental understanding of IT and OT network communication protocols (for example: TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
    • Knowledge of Windows and Linux (command line)
  • Preferred Skills:
    • Minimum of three years in industrial control systems or Operational Technology (OT)
    • SANS Certifications, ideally GCIH, GCIA, GCFE, GREM, GCFA, GRID, GPEN, GWAPT
    • Possess in-depth domain expertise working with industrial control systems in a relevant industry such as Electric Power, Oil & Gas, Chemical, Transportation, Water/Wastewater, or Manufacturing
    • Experience with industrial control systems and threats specific to their operational environment
    • Expert level knowledge of tools and technologies used for industrial control systems and enterprise security
    • Experience developing YARA, Snort or Bro signatures
    • Versed in various controls frameworks, including: IEC62443, NERC CIP, NIST
    • Experience testing ICS vulnerabilities
    • Assessing vulnerabilities, synthesizing complex concepts into understandable narratives, and preparing reports f

Details

  • Travel: No travel
  • Incentives: Both
  • Clearance & Citizenship: U.S. Citizenship
  • Remote Work: No remote work
  • Education: No requirements
  • Salary Range: Not provided
