Accede Solutions Inc (accedesolution.com) · 4 months ago
Cyber Security Analyst Progression
Accede Solutions Inc is seeking a Cyber Security Analyst Progression to maintain the security and integrity of operational technology systems. The role involves managing asset inventories, developing cybersecurity programs, and collaborating with cross-functional teams to improve cybersecurity posture.
B2B, Employment, Recruiting
Responsibilities
Identifies cyber assets, examines and extracts asset configuration, updates the OT cyber asset database to protect operational technology
Installs security patches, updates antivirus definitions, and creates system backups
Collects, maintains, updates baselines of the operational systems, updates cybersecurity SharePoint site for stakeholder engagement
Reviews the releases of new CVEs from external sources for applicability to operational assets regularly
Assists OT team with IT-related work: software and hardware of HMIs and network appliances, remote connectivity
Evaluates network architecture, system configuration, and external connection layout to ensure compliance of operational technology systems with cybersecurity program
Reviews vendor manuals, training materials, industry standards, and develops cybersecurity maintenance procedures
Provides activities planning guidance, feedback on work completed, and training to Cybersecurity Analysts
Evaluates new CVEs for applicability to OT cyber assets
Translate all applicable standards (NERC CIP, NIST CSF, NIST 800-53, etc.) into appropriate systemic and procedural solutions
Review, revise, and update Energy Supply's operational technology cybersecurity standards and procedures
Evaluate the Energy Supply's operational technology systems and coordinate necessary actions to maintain compliance with applicable internal and regulatory standards
Develop management responses to internal and external government and regulatory audits and data requests with respective management and team members
Review operational technology cyber asset management process
Train and educate team members and facilitate IT/OT collaboration
Qualification
Required
High School Diploma or equivalent
From the list of certification vendors, one related Information Security professional certification or ability to obtain via self-study within one year of hire date (ex: Cisco, (ISC)2, GIAC, ISA, ISACA, CompTIA, EC-Council, etc.)
5 years of related Cyber Security, industrial automation, IT, OT, or Technical (hands-on networking, telecommunications [radios, satellites, communications, etc.], hardware, software) experience
6 years of related Cyber Security, industrial automation, IT, OT, or Technical (hands-on networking, telecommunications [radios, satellites, communications, etc.], hardware, software) experience
8 years of related Cyber Security, industrial automation, IT, OT, or Technical (hands-on networking, telecommunications [radios, satellites, communications, etc.], hardware, software) experience
Basic knowledge of industrial automation (ABB, Allen Bradley, Emerson, Client, Siemens) or basic knowledge of major operating system security (Windows, Mac OS, Linux/Unix), endpoint, server, and network security
Basic knowledge of major security systems and functions for incident response, monitoring and forensic activities: Firewalls, IDS/IPS, Antivirus/Antimalware, SIEM, Incident Response, Threat Prevention, Web/Application Control Filtering, Email Filtering, NetFlow Analysis, Endpoint Security, Configuration and Change Management, File Integrity Monitoring, and DLP
Basic knowledge of log, network, and system forensic investigation techniques
Basic working knowledge of networking protocols and systems administration
Basic working knowledge of identifying and capturing indicators of compromise and methods for detecting them within incidents
Basic working knowledge with packet analysis and malware analysis
Basic working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX and PCI
Good analytical and risk assessment skills and strong listening, written and computer communication skills for reporting and auditing purposes
Advanced working knowledge of major operating system security (Windows, Mac OS, Linux/Unix), web server security, and network security
Advanced working knowledge of major security systems and functions for incident response, monitoring and forensic activities: Firewalls, IDS/IPS, Antivirus/Antimalware, SIEM, Incident Response, Threat Prevention, Web/Application Control Filtering, Email Filtering, NetFlow Analysis, Endpoint Security, Configuration and Change Management, File Integrity Monitoring, and DLP
Advanced working knowledge of log, network, and system forensic investigation techniques
Advanced working knowledge of networking protocols and systems administration
Advanced working knowledge of identifying and capturing indicators of compromise and methods for detecting them within incidents
Advanced working knowledge with packet analysis and malware analysis
Advanced working knowledge (hands-on experience) of scripting in languages such as Python, Bash or PowerShell
Advanced working knowledge of penetration testing technologies and procedures
Advanced working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX and PCI
Strong analytical and risk assessment skills as well as strong listening, written and computer communication skills for reporting and auditing purposes
Developing and implementing OT Cybersecurity program
Evaluating and adopting cybersecurity controls to the OT environment
Thorough working knowledge of major operating system security (Windows, Mac OS, Linux/Unix), web server security, and network security
Thorough working knowledge of major security systems and functions: Firewalls, IDS/IPS, Antivirus/Antimalware, SIEM, Incident Response, Threat Prevention, Web/Application Control Filtering, Email Filtering, NetFlow Analysis, Endpoint Security, Configuration and Change Management, File Integrity Monitoring, and DLP
Expert working knowledge of log, network, and system forensic investigation techniques
Expert working knowledge of networking protocols and systems administration
Thorough working knowledge of identifying and capturing indicators of compromise and methods for detecting them within incidents
Expert working knowledge with packet analysis and malware analysis
Expert working knowledge (hands-on experience) of scripting in languages such as Python, Bash or PowerShell
Expert working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX and PCI
Strong analytical and risk assessment skills as well as strong listening, written and computer communication skills for reporting and auditing purposes
Preferred
Bachelor's Degree in Computer Science, Information Systems, or other IT related discipline
Three or more of the following or similar Information Security professional certifications (ex: ACE, CCE, CAP, CEH, CCNA, CCNP, CISA, CISM, CISSP, CRISC, EnCE, GCCC, GCDA, GCED, GCFA, GCFE, GCIA, GCIH, GCWN, GICSP, GMON, GNFA, GPEN, GPPA, GREM, GWAPT, GXPN, OSCP, SSCP)
Performing cybersecurity maintenance activities: applying patches, updating antivirus signatures, creating system backups
Configuring network appliances
Troubleshooting network communications
Supporting compliance audits
Designing, implementing, and supporting industrial automation systems
Designing and implementing a standard network architecture
Thorough working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX and PCI
Expert working knowledge of reverse engineering malware
Company
Accede Solutions Inc (accedesolution.com)
Accede Solutions is a Women- and Minority-Owned staffing firm specializing in Healthcare, Life Sciences, and IT workforce solutions.
Funding
Current Stage
Growth Stage
Company data provided by Crunchbase