This site uses cookies. To find out more, see our Cookies Policy

Security Architect in Tampa, FL at Vaco

Date Posted: 8/2/2018

Job Snapshot

Job Description


Our premier client is currently seeking a Sr. Industrial Control System Security Architect . The Senior Industrial Control System (ICS) Security Architect leads the development, deployment, management and enforcement of Operational Technology (OT) security solutions to meet Industry Standards and ICS Vendor Requirements. This includes leading the development of OT Security Policies and enforcement of those Policies. This role will be responsible for maintaining and utilizing threat assessment tools and procedures and utilizing system logs and other tools to identify active threats. This role requires technical threat assessment skills to proactively detect threats to the OT systems, substantiate security incidents and effectively respond. Extensive cooperation with IT will be required in order to ensure overall business alignment and coordination.

What will you do?

  • Lead the development, deployment, management and enforcement of OT Security Policies. This will include leading the effort in adopting applicable components of IEC 62443 that provide increased OT Security while minimizing increased production risk.
  • Evaluate available vendor security solutions in order to determine if and how they should be deployed in the OT environment. This includes evaluation of deploying Rockwell Factory Talk Security solutions in a standardize manner across the Business Unit. Perform similar evaluation on other installed vendor solutions including Yokogawa, Emerson Delta V, Novatech D3 and Foxboro.
  • Support the Senior ICS Network Architect and IT to design, deploy, manage and maintain ICS Network Architectures, IP Segmentation Philosophies, VLAN Design, Firewall Deployment, and Remote Access Methodology.
  • Leads the development and management of ICS Network Firewall Rules in order to standardize deployment and minimize security risks to OT environments.
  • Utilize existing and newly deployed OT Security Solutions in order to perform threat assessments, substantiate security incidents and effectively respond. Effectively communicate OT Security Risk to the Business Unit, make recommendations and perform required risk mitigation measures. Provide extensive coordination with IT Security in order to ensure overall business alignment and communication of OT security risks.


What do you need for this role?

  • High School Diploma required. Associate's degree and/or Bachelor's degree with a major in Computer Science, Engineering or related field preferred
  • Global Industrial Cyber Security Professional (GICSP) or equivalent required
  • Certification in any of the following preferred:
  • Certified Information Systems Security Professional (CISSP)
  • Global Information Assurance Certification (GIAC)
  • CCNA Network & Switching
  • CCNA Industrial
  • CCNA Security
  • 7+ years of experience working with Industrial Control Systems in an operational environment
  • 2+ years of experience providing 24/7/365 support within an operational environment
  • Knowledge of IEC 62443 standards and ability to acquire IEC 62443 Certifications within 6 months
  • Background knowledge of Rockwell Factory Talk Products, specifically ControlLogix PLC's and Distributed Factory Talk View SE Installations
  • Familiar with OSI Pi Data Historian installations
  • Background knowledge of various Distributed Control Systems, specifically Emerson Delta V, Yokogawa, Novatech D3 and Foxboro IA.
  • Extensive experience in deploying Security Zones
  • Working knowledge of Intrusion Prevention System technology and log evaluation
  • Able to quickly evaluate and recommend action on ICS technology threats
  • Familiar with IP Subnets, VLAN Concepts, SIEM and Security Log analysis
  • 5+ years of experience as a threat assessment analyst and/or incident responder role or equivalent
  • Experience in analyzing large volumes of information from multiple sources in order to draw conclusions regarding suspicious patterns
  • Experience in analyzing processes in detail in order to create procedures that balance security concerns with the need for sustained production capabilities
  • Understanding of network architecture and communication protocols
  • Windows Administration
  • Understanding of host and network based forensic analysis tools and techniques to include file system and memory artifact recovery and analysis
  • Basic OT malware analysis and reverse engineering
  • Understanding of Intrusion detection principles and signature development
  • Understanding of penetration testing tools and techniques
  • Strong verbal, written, listening and presentation communication skills
  • Ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding
  • Strong organizational skills and attention to detail
  • Ability to work with employees at all levels of the organization
  • Demonstrated problem solving techniques and strong analytical skills
  • Solid interpersonal skills with the ability to work as part of a collaborative team across the organization
  • Ability to adapt to a continually changing business and work environment and manage multiple priorities
  • Demonstrated critical thinking and decision making skills
  • Strong analysis and problem solving skills

Job Requirements

Lead the development, deployment, management and enforcement of OT Security Policies. This will include leading the effort in adopting applicable components of IEC 62443 that provide increased OT Security while minimizing increased production risk.
Evaluate available vendor security solutions in order to determine if and how they should be deployed in the OT environment. This includes evaluation of deploying Rockwell Factory Talk Security solutions in a standardize manner across the Business Unit. Perform similar evaluation on other installed vendor solutions including Yokogawa, Emerson Delta V, Novatech D3 and Foxboro.
Support the Senior ICS Network Architect and IT to design, deploy, manage and maintain ICS Network Architectures, IP Segmentation Philosophies, VLAN Design, Firewall Deployment, and Remote Access Methodology.
Leads the development and management of ICS Network Firewall Rules in order to standardize deployment and minimize security risks to OT environments.
Utilize existing and newly deployed OT Security Solutions in order to perform threat assessments, substantiate security incidents and effectively respond. Effectively communicate OT Security Risk to the Business Unit, make recommendations and perform required risk mitigation measures. Provide extensive coordination with IT Security in order to ensure overall business alignment and communication of OT security risks.

What do you need for this role?

High School Diploma required. Associate’s degree and/or Bachelor’s degree with a major in Computer Science, Engineering or related field preferred
Global Industrial Cyber Security Professional (GICSP) or equivalent required
Certification in any of the following preferred:
Certified Information Systems Security Professional (CISSP)
Global Information Assurance Certification (GIAC)
CCNA Network & Switching
CCNA Industrial
CCNA Security
7+ years of experience working with Industrial Control Systems in an operational environment
2+ years of experience providing 24/7/365 support within an operational environment
Knowledge of IEC 62443 standards and ability to acquire IEC 62443 Certifications within 6 months
Background knowledge of Rockwell Factory Talk Products, specifically ControlLogix PLC’s and Distributed Factory Talk View SE Installations
Familiar with OSI Pi Data Historian installations
Background knowledge of various Distributed Control Systems, specifically Emerson Delta V, Yokogawa, Novatech D3 and Foxboro IA.
Extensive experience in deploying Security Zones
Working knowledge of Intrusion Prevention System technology and log evaluation
Able to quickly evaluate and recommend action on ICS technology threats
Familiar with IP Subnets, VLAN Concepts, SIEM and Security Log analysis
5+ years of experience as a threat assessment analyst and/or incident responder role or equivalent
Experience in analyzing large volumes of information from multiple sources in order to draw conclusions regarding suspicious patterns
Experience in analyzing processes in detail in order to create procedures that balance security concerns with the need for sustained production capabilities
Understanding of network architecture and communication protocols
Windows Administration
Understanding of host and network based forensic analysis tools and techniques to include file system and memory artifact recovery and analysis
Basic OT malware analysis and reverse engineering
Understanding of Intrusion detection principles and signature development
Understanding of penetration testing tools and techniques
Strong verbal, written, listening and presentation communication skills
Ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding
Strong organizational skills and attention to detail
Ability to work with employees at all levels of the organization
Demonstrated problem solving techniques and strong analytical skills
Solid interpersonal skills with the ability to work as part of a collaborative team across the organization
Ability to adapt to a continually changing business and work environment and manage multiple priorities
Demonstrated critical thinking and decision making skills
Strong analysis and problem solving skills