Industrial Cybersecurity Consultant

• Execute the planning, design, development, and implementation of technical controls, procedures, and policies associated with cybersecurity compliance and/or regulatory standards.
• Maintain the highest level of integrity, protecting the confidentiality and security of all clients and project information.
• Identify and diagnose operational issues and implement design alterations to address these issues.
• Conduct vulnerability assessments of OT networks for cybersecurity, risk management, and/or compliance purposes.
• Pursue, obtain, and maintain industry-recognized certifications related to cybersecurity such as ethical hacking, penetration testing, network engineering, Industrial Control System (ICS), Supervisory Control and Data Acquisition (SCADA), risk management, and others, as necessary.
• Resolve technical issues, analyze implications to the client’s business, and be able to communicate them with applicable stakeholders within the business.
• Develop policies & procedures for secure process control network design, technical and design recommendations for implementing firewalls, unidirectional gateways, and other network security controls.
• Compiles technical documentation of network traffic as well as firewall services/solutions, including explanations and diagrams.

• Bachelor’s degree in a technical field, e.g., (Cybersecurity, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experience).
• Minimum 4 years of experience in industrial cybersecurity.
• Additional applicable years of experience may be considered in lieu of degree requirements.
• Advanced knowledge of security principles and firm knowledge of cybersecurity technologies, as well as industry-recognized certifications.
• Experience with security engineering principles, various cybersecurity assessment methodologies, security control implementation, validation, and system life-cycle practices.
• Experience in the capabilities and/or configuration of cybersecurity controls, specifically those relating to:

• Firewalls
• Identity and Access Control
• Authentication and authorization
• Anti-virus/anti-malware
• Patch management
• Network and system hardening, network architecture design, network data flow, network switch configuration (IOS and NXOS, SNMP Traps configuration, IP IGMP Snooping)
• System Integration
• System Administration, to include MS Windows Server 2016, MS AD, MS IIS, SSL Integration, MS SQL Server, Powershell)
• Test Engineering, to include Developing and Documenting Test Procedures, Performing component level testing, Performing system-wide testing, and Software Quality Assurance Testing
• Advanced knowledge of networks and control systems utilized by Federal, Military, Defense; etc., is preferred
• Strong written and oral communication skills
• Strong analytical and critical thinking skills
• Ability to operate under pressure and under tight deadlines, to operate onsite within industrial, corporate, and government work settings
• Demonstrate an understanding of business principles and operational security practices specific to engineering and/or security consulting
• Knowledge and/or experience with legacy and modern computer networking and telecommunications
• Experience with physical cabling for network communications and control system input/output
• Strong technical writing skills
• Ability to develop and maintain strong relationships with clients
• Ability to present complex technical issues and their impact in an easy-to-understand manner
• Ability to work remote on the client site
• Knowledge and experience with corporate policies and procedures
• Knowledge and experience with NIST Risk Management Framework; NIST 800-53; DFARS; NIST Cybersecurity Framework; NIST SP800-82; CMMC highly desired
• Travel for site work is estimated to average 25-50% annually

Adaptive Solutions Group