Back to all jobs

ICS Senior Security Consultant (Remote US)

FireEye

Aug 05

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html.

Job Description

Protect operational technology (OT), industrial networks and Industrial Control Systems (ICS)

Our ICS/OT Security Consultants combine industry-leading FireEye security technology and intelligence to deliver penetration testing, incident response, compromise assessments and threat modeling to clients within the ICS and OT space.

The risk profile of controls systems is continually changing as OT and IT networks become increasingly interconnected.  The changing risk profile increases FireEye's need to assist clients in preventing, detecting, responding to, and recovering from cyber security incidents involving control systems.  Our investigations expose threats targeting critical infrastructure, transportation, manufacturing, and other control systems.  Our teams then develop innovative analytics for detection, support investigations, and incident response solutions.

Responsibilities:

  • Work with clients to assess cybersecurity controls appropriate for ICS/OT environments, evolve those architectures to a more defensible posture, and improve the ability to resist, detect, respond to, and contain attacks
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
  • Provide guidance and support on ICS matters to the larger consulting practice

Qualifications

Requirements:

  • Excellent verbal and written communication skills
  • 3-5 years of hands-on experience in one, or more, of the following areas:
    • Penetration Testing / Ethical Hacking
    • Log analysis, host and network forensics
    • Cybersecurity Architecture
    • Cybersecurity Programs, Audit, Compliance, and Strategy
  • Fundamental understanding of operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI and Distributed Control Systems (DCS)
  • Fundamental understanding of IT and OT network communication protocols (For example: TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
  • Knowledge and understanding of various security control frameworks, including: IEC62443, NERC CIP, NIST
  • Familiarity with Linux and Windows operating systems and administrative tools

Additional Qualifications:

  • Willingness to travel up to 50%
  • Ability to successfully interface with both internal and external clients
  • Ability to document and explain technical details in a concise, understandable manner
  • Self-motivated and results focused; ability to strengthen the team and its mission
  • Global Industrial Cybersecurity Professional (GICSP), Certified SCADA Security Architect (CSSA), or Certified Information Systems Security Professional (CISSP) Certifications a plus 
  • Experience with Industrial Wireless Communications, Software Defined Radio, and Embedded Device Testing a plus

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

(Colorado applicants only*)   

Minimum Salary: $110,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.  

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye’s Compensation Committee, and vesting terms   

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.   

*Disclosure as required by sb19-085 (8-5-20)