ICS/OT Consultant (Remote US)

Job Description

FireEye is looking for a motivated ICS/OT Security Consultant with great customer service skills to help clients assess, design, and strengthen their ICS/OT security capability and work to continually improve our own assessment methodologies. Joining our team will give you an opportunity to work with our ICS/OT experts on a broad range of interesting assessments, as well as with the rest of our world-renown Mandiant consulting team. The successful candidate will possess a strong desire to learn, be adept in working multiple projects, and have experience working with industrial control systems OR cyber security in a relevant industry such as Energy, Oil & Gas, Chemical, Transportation, Water/Wastewater, Telecommunications, or Manufacturing.

The risk profile of control systems is continually changing as Industrial Control Systems (ICS), Operational Technology (OT), and IT networks become increasingly interconnected. The changing risk profile drives FireEye's need to assist clients in preventing, detecting, responding to, and recovering from cyber security incidents involving control systems. Our investigations expose threats targeting power plants, water, manufacturing systems, and other control systems. Our teams then develop innovative recommendations and analytics for strengthening security, detection of threats, and incident response.

• Work with clients to assess cyber security controls appropriate for ICS/OT environments, evolve those architectures to a more defensible posture, and improve the ability to resist, detect, respond to, and contain attacks
• Use formal project management skills in planning, tracking, and reporting on project progress
• Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences; effectively communicate assessment findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel

Qualifications

• Fundamental understanding of IT and OT network communication protocols (For example: TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
• Familiarity with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, or Distributed Control Systems (DCS)
• Familiarity with the key tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations
• Familiarity with cyber security operations, event monitoring, and SIEM tools
• Familiarity with Unix and Windows operating systems and administrative tools
• Familiarity of security controls for common platforms and devices, including Windows, Unix, Linux, PLCs, controllers, and network equipment

• Ability to travel up to 50%
• Minimum of two years of cyber security OR industrial control systems/operational technology experience required
• Global Industrial Cybersecurity Professional (GICSP), Certified SCADA Security Architect (CSSA), or Certified Information Systems Security Professional (CISSP) Certifications are desired
• Professional Engineer (PE) or equivalent professional certification is desired

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $80,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye’s Compensation Committee, and vesting terms

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.

Disclosure as required by sb19-085 (8-5-20)