Industrial Cybersecurity

About the Role

Industrial Cyber is NOT a usual Cyber role. It's OT (operational technology focused) going to client locations, physically connecting to PLC/SCADA machines. This person is not just sitting at a command center checking vulnerability results that someone else in the field has gathered. This person IS the person in the field testing, patching, gathering results etc.

This is dealing with Client Energy. So it's Cyber aimed at securing the grid etc.

Team is looking for local candidates in the state of Virginia and able to drive/go to different Dominion offices.

There is a potential that the team will hire up to 5 people - (current opening will show 1 but will adjust once we hire folks).

This will be full-time CWKs.

Travel

Will expect to be at client sites (Virginia) 80-100% of the time. (For example - might spend 1 week on one site, then another week on a different site, etc.). Will expect to be at client sites 80-100% of the time.

Will use own personal vehicle or rental car.

Background Check

NOTE: Please make sure candidate is aware of this: Aside from the Standard Background check with MVR, selected candidate MUST go thru a client background check. This process can take 6 weeks to 2-3 months, depending on when Dominion process this. BMcD doesn't have any control when they run this. Selected candidate can NOT start at all until the Dominion Background check is completed/cleared. The BMcD Hiring Manager will inform me once they get the green light from the client. They can't start at all/do any BMcD training until they clear the Dominion background check.

Responsibilities

• The Cybersecurity Consultant will independently execute significant portions of projects addressing Information Technology (IT) and Industrial Control System security.
• The Cybersecurity Consultant supports the execution of projects consisting of network penetration testing, web application security testing, cybersecurity vulnerability assessments, secure system design and integration, and/or development of cybersecurity programs at client sites across the U.S and Canada utilizing the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), and other industry or data specific compliance frameworks and regulations.
• Execute the planning, design, development and implementation of technical controls, procedures and policy associated with cybersecurity compliance and/or regulatory standards.
• Maintain highest level of integrity, protecting the confidentiality and security of all client and project information.
• Identify and diagnose operational issues and implement design alterations to address these issues.
• Conduct network penetration tests and vulnerability assessments of IT and Operational Technology (OT) networks, for both compliance and security purposes.
• Perform detailed, post event analysis of unusual events, and direct needed procedure or process changes in response.
• Pursue, obtain, and maintain industry recognized IT certifications related to cybersecurity such as ethical hacking, network engineering, Industrial Control System (ICS), Supervisory Control and Data Acquisition (SCADA), risk management, and others as necessary.
• Resolve technical issues, analyze implications to the client's business, and be able to communicate them with applicable stakeholders within the business.
• Develop policies & procedures for secure process control network design, technical and design recommendations for the implementation of firewalls and other network security and compliance controls.
• Compiles technical documentation of network traffic as well as firewall services/solutions including explanations and diagrams.
• Performs other duties as assigned
• Complies with all policies and standards
• Performs other duties as assigned

Qualifications

• Aside from the Standard Background check with MVR, selected candidate MUST go thru a client background check.
• Selected candidate can NOT start at all until the Dominion Background check is completed/cleared.
• They can't start at all/do any BMcD training until they clear the Dominion background check.