Posted 8 months ago
Job description
The ICS/OT Security Analyst role will be an important member of the Information Security team, delivering support and advisory across the McCain organization. You will analyze security requirements, measures, and controls to help the business and operational teams in developing effective strategies for mitigating security risks.
McCain Foods provides each of our Information Security team member s exposure to a broad range of responsibilities, activities, and projects; providing you an accelerated opportunity to grow and develop professionally.
JOB RESPONSIBILITIES:
- Performing control assessments, ensuring that controls are effective in defending against cyber-attacks on critical infrastructure operational technology and industrial control systems.
- Performing risk assessments, system analysis, intelligence gathering, as well as developing and executing security processes and procedures.
- Creating playbooks and mitigation plans for business units to remediate identified vulnerabilities and providing support during the remediation efforts as needed.
- Providing security subject matter expertise in all matters pertaining to ICS/OT environments, such as consulting and design for network segmentation, threat prevention, identity management and asset management.
- Assisting in the development of ICS/OT specific cybersecurity roadmaps that prioritize the mitigation of cyber threats, based on the likelihood of occurrence and magnitude of cost/consequence of a security incident.
Specific Skills & Knowledge:
- Demonstrate competency with information security principles, and industry standards.
- Excellent written and verbal communication skills, with experience presenting and explaining complex design, information security concepts and digital risk-related concepts to technical and non-technical audiences.
- Able to successfully prioritize and manage to completion multiple complex tasks and deliverables.
- Act as an ICS/OT Security ambassador to both internal and external customers.
- Provide guidance and leadership to other Information Security team members.
- Demonstrate the aptitude to understand business needs and deliver high-quality, and efficient services.
About You:
- 5+ years experience working in OT/ICS security, architecture, or information security equivalent and at least 3-5 years of experience working with control systems is preferred.
- Familiarity with industrial network design & optimization as well as effective network segmentation.
- Preferred: College Diploma or University Degree in either Systems Engineering, Manufacturing Engineering/Automation, Industrial Security/Operational Technology, Information Technology, Manufacturing Automation, or other related discipline.
- One or more of the following certifications:
- ITIL
- GIAC Security Essentials Certification
- GIAC Global Industrial Cyber Security Professional (GICSP)
- GIAC Response and Industrial Defense (GRID)
- ISACA Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Proven analytical and problem-solving abilities. Must demonstrate a very good understanding of Operational Technology, ICS/IACS, automation systems, shop floor processes and requirements in shop floor environments.
- Significant exposure and understanding of industrial Ethernet networks.
- Significant exposure to ICS communications protocols including Modbus TCP/IP, OPC, Profibus etc.
- Significant exposure to IT/OT fundamentals including virtual server installations, database management, active directory management, etc.
- Knowledge of security industry best practices for industrial control systems.
- Prior experience working across other industries in a large multinational corporation or global company.
- Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
- Strong attention to detail, project management and organizational skills.
Job Features
Job Category | IT Jobs |