SCADA Security Analyst II jobs in United States
cer-icon
Apply on Employer Site
company-logo

Johnson County Wastewater · 4 days ago

SCADA Security Analyst II

positionOlathe, KS, US
timeFull-time
remoteHybrid
seniorityMid Level
date4+ years exp

Johnson County Government is seeking a skilled and experienced Security Analyst II to join our team. In this role, you will play a critical part in maintaining and enhancing our security posture, focusing on securing SCADA and ICS environments, while assisting with security projects and safeguarding information assets.

Utilities

Responsibilities

Strengthen Johnson County’s security posture through technology evaluation, process improvement, and secure architecture design
Assist in threat identification and analysis for current and evolving risks and vulnerabilities and work to minimize or neutralize security weaknesses
Conduct and analyze penetration tests and vulnerability scans, taking corrective action as needed to address security weaknesses efficiently and effectively
Perform risk assessments and security reviews of SCADA/ICS systems and propose changes to ensure operational continuity and compliance
Support the deployment of new technologies and coordinate security projects
Monitor, analyze, and respond to security incidents, advisories, and alerts affecting both enterprise and industrial networks
Conduct reporting and auditing of Identity and Access Management
Work with end users and operational teams to ensure secure functionality and promote security awareness
Maintain technical documentation of security procedures, standards, and strategies
Utilize forensic tools to collect and analyze data related to security events
Participate in on-call rotation
Collaborate with both IT and OT teams to develop and implement unified security strategies that protect enterprise and industrial control systems
Design and enforce security controls that are tailored to the distinct needs of OT environments (e.g., availability and safety) while aligning with IT governance and compliance standards
Serve as a liaison between IT security, SCADA engineers, and operational stakeholders to ensure cohesive risk management and incident response across all technology layers

Qualification

SCADA securityICS securityRisk analysisNetworking protocolsSecurity managementSecurity frameworksProject managementAnalytical skillsCuriosityInterpersonal skillsWritten communicationOral communicationFacilitation skills

Required

Bachelor's degree in Information Technology or a related field
4+ years of experience in information technology
2+ years of experience in information security, including risk analysis and management
2+ years of hands-on experience securing SCADA and ICS environments, with a focus on threat mitigation, system hardening, and operational continuity
Hands-on experience with SCADA and ICS systems, including knowledge of their unique security challenges and best practices for securing OT environments
Analytical skills, including the ability to research, interpret data, conceptualize data, analyze information, and write formal recommendations based on findings
Understanding of and experience with routing/networking protocols as well as encryption methods and technology
Demonstrated ability to navigate the cultural and technical differences between IT and OT teams, fostering collaboration and shared security ownership
Experience with converged network architectures, including segmentation strategies for IT/OT environments
Comprehensive understanding and substantive experience in two or more of the following IT disciplines: Endpoint management, Systems administration, Network design and administration, Software applications development, Security management
Strong interpersonal and collaboration skills
Curiosity and a proactive approach to problem-solving
Written communication skills, including business writing, report writing, summarizing, and editing skills
Oral communication skills, including presentations to individuals, as well as small and large groups
Facilitation skills, including ability to use group decision making to gain commitment/consensus and ability to encourage participation

Preferred

1+ years of experience in project management
Familiarity with IT security standards (ISO, NIST) and regulatory frameworks (CJIS, HIPAA, PCI)
Experience implementing security control frameworks such as the Center for Internet Security (CIS) Benchmarks and/or Security Technical Implementation Guides (STIGs) to ensure system hardening and compliance
Experience supporting Microsoft business applications (Active Directory, Exchange, Azure, Entra, Purview, Defender for Office365)
Experience using network analysis tools, scripting languages including UNIX command line utilities, software vulnerabilities, exploits and malware
Security+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or similar certification
Experience implementing security frameworks that span both IT and OT, such as NIST SP 800-82 or ISA/IEC 62443

Company

Johnson County Wastewater

twitter
company-logo
Johnson County Wastewater (JCW) is responsible for the safe collection, transportation and treatment of wastewater generated by our community.
location
Olathe, Kansas, US
people-size201-500 employees
web-link
http://www.jcw.org

Funding

Current Stage
Growth Stage
Company data provided by crunchbase