Position Summary
The ICS/OT Cybersecurity Engineer is responsible for securing Industrial Control Systems (ICS)/Operational Technology (OT) environments from cyber-attack and ensuring compliance with regulatory cybersecurity requirements. The ideal candidate will have demonstrated experience as a cyber analyst, strong understanding of cybersecurity technologies, a strong understanding of ICS/OT security principles and practices and experience implementing security controls in an ICS/OT environment.
This role offers a unique opportunity to contribute to the security and resilience of critical infrastructure and industrial systems. By joining our team, the successful candidate will have a direct impact on safeguarding vital assets and processes while driving the organization's commitment to maintaining the highest standards of ICS/OT security.
Tasks and Responsibilities
• Develop, implement and maintain OT/ICS cybersecurity policies and procedures necessary to meet regulatory compliance with regulatory agencies including but not limited to TSA, PHMSA and public service/utility commissions
• Track and enforce compliance with internal policies and procedures
• Perform periodic reviews and exercises to ensure compliance with internal policies and procedures
• Design, implement, and maintain security controls for ICS/OT environments to meet or exceed applicable codes and standards and regulatory requirements
• Secure OT/ICS network infrastructure and systems
• Deploy and manage a SIEM and other security monitoring tools to continuously monitor the ICS/OT systems for any signs of malicious activities or anomalies
• Tasks within the SIEM include:
• Analyzing security logs, network traffic, and system behavior to detect potential security breaches
• Developing parsers for ingestion
• Developing alerting rules and tuning to reduce false positives
• Developing automation and scripts
• Coordinating with SOC team
• Lead and conduct the following types of assessments:
• Security (using a variety of frameworks)
• Vulnerability
• Against internal policies and procedures
• Lead and conduct pen-tests internally and with 3rd party providers
• Provide security guidance and support to ICS/OT personnel
• Stay up-to-date on the latest ICS/OT security threats and trends relevant to industry sector and to specific systems, equipment and applications within the ICS/OT environment
• Monitor vendor and CISA sources for security advisories and
• Evaluate, document and track security advisories for applicability to ICS/OT environment
• Coordinate with ICS/OT personnel to perform recommended mitigations
• Perform cyber incident response by effectively investigating events of interest for escalation to incidents, mitigating damages, and implementing remediation measures to restore operations promptly
• Collaborate with incident response teams and law enforcement (as needed) to reduce the impact of the incidents
Qualifications, Skills and Abilities
• Bachelor's Degree in cybersecurity preferred
• 3+ Years in information security, preferably with a focus on ICS/OT security required
• 0-2 Years performing tasks within a SIEM required
• Good communication and teamwork skills
• One or more of the following certifications:
• CompTia Network+
• CompTia Security+
• Cisco Certified Network Associate (CCNA)
• Response and Industrial Defense (GRID)
• Strong understanding of ICS/OT security principles and practices
• Experience implementing security controls in an ICS/OT environment
• Certifications in ICS/OT security (e.g., CISSP-ISSAP, ISA/IEC 62443)
• Experience with ICS/OT security tools and technologies (e.g., firewalls, intrusion detection systems, SIEMs)
• Experience with ICS/OT protocols and standards (e.g., Purdue Model for ICS networks, Modbus, DNP3, IEC 61850, API-1164, NERC-CIP, NIST SP-800-82, CISA-CPG)
For Canadian hires: AltaGas hires personnel on the basis of job-related qualifications. All qualified applicants will receive consideration without regard to a person's ancestry, place of origin, colour, ethnic origin, citizenship, creed, sex, sexual orientation, gender identity or expression, age, record of offences, marital status, family status or disability or any other characteristic protected by applicable law.
For U.S. hires: U.S. affiliates of AltaGas are committed to equal employment opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, ethnicity, religion, gender, age, national origin, marital status, sexual orientation, gender identity, family responsibilities, matriculation, physical or mental disabilities, political affiliation, genetic information, status as a protected veteran or any other characteristic protected by federal, state, or local law.