Software Engineer II - LRS
Kansas City, KS
About the Job
LRS Consulting Services is seeking an experienced OT Security Engineer for an exciting contract to hire opportunity with a client of ours in Kansas City, KS.
LRS Consulting Services has been delivering IT excellence for over three decades. Our reputation for quality, flexibility, and strong relationships with our clients keeps them turning to us to meet their IT consulting needs. Our contacts combined with your technical expertise equals career possibilities for you. So let’s get to work!
Description:
As an Operational Technology (OT) Security Engineer, you will work closely with cross-functional teams to design, implement, and maintain robust cybersecurity guardrails that protect DFA’s manufacturing capabilities from cybersecurity threats and vulnerabilities.
Job Duties and Responsibilities:
Knowledge, Skills, and Abilities:
#LI-KZ1
LRS Consulting Services has been delivering IT excellence for over three decades. Our reputation for quality, flexibility, and strong relationships with our clients keeps them turning to us to meet their IT consulting needs. Our contacts combined with your technical expertise equals career possibilities for you. So let’s get to work!
Description:
As an Operational Technology (OT) Security Engineer, you will work closely with cross-functional teams to design, implement, and maintain robust cybersecurity guardrails that protect DFA’s manufacturing capabilities from cybersecurity threats and vulnerabilities.
Job Duties and Responsibilities:
- Assist in the design, monitoring, and enforcement of cybersecurity standards, procedures, and controls for manufacturing plant environments. This may include physical security measures, network segmentation, firewalls, and intrusion detection systems.
- Work with manufacturing sites, engineering, and IT teams to analyze existing OT architecture and ensure seamless integration of cybersecurity measures across the organization's plant facilities and operations.
- Develop and maintain OT-specific cybersecurity documentation, including risk registers, dashboards, and detailed reports, to clearly communicate the OT risk posture to relevant stakeholders.
- Assess and analyze current security architectures to identify vulnerabilities and develop enhanced protections.
- Develop and implement an ongoing vulnerability detection and remediation program for OT systems and oversee vulnerability testing
- Conduct cybersecurity risk assessments on OT systems and networks using frameworks like NIST CSF, ISO 27001, and ISA/IEC 62443 to identify vulnerabilities and implement effective mitigation strategies.
- Continuously monitor OT networks and systems for unusual activities and potential security breaches using advanced monitoring tools and techniques.
- Develop and maintain an incident response plan for OT-related cybersecurity incidents, including detection, response, and recovery procedures.
- Engage in continuous improvement of cybersecurity risk management policies, procedures, and tools, focusing on enhancing the OT security framework at DFA.
- Conduct training sessions and awareness programs for employees to promote cybersecurity best practices and ensure compliance with security policies.
- Ensure compliance with relevant industry standards, regulations, and best practices related to OT cybersecurity.
- Bachelor’s degree in information security, computer science or other related field (work experience may be substituted for the required education on a year for year basis)
- Minimum of 3 years’ work experience in information security, information technology, or industrial control systems (ICS) engineering
- Basic understanding of both Programmable Logic Controllers (PLC), Windows based PC’s and VM’s and industrial network architectures and how to effectively apply these technologies to a dairy manufacturing environment. Experience in industrial control systems (ICS) security is highly desirable
- Experience with selecting, designing, architecting, and deploying security technologies to an OT/ICS environment. Demonstrated understanding of OT/ICS critical infrastructure, including an understanding of threats, vulnerabilities, attack paths, and exploits in an OT/ICS environment.
- Proficiency in cybersecurity technologies, including firewalls, intrusion detection/prevention systems, antivirus software, network administration and monitoring tools, and server architecture and administration concepts.
Knowledge, Skills, and Abilities:
- Knowledge of common cybersecurity threats such as denial of service, ransomware, etc. and approaches to mitigate threats
- Capability of applying relevant cybersecurity standards and framework (NIST Cybersecurity Framework, NIST 800-82 for Industrial Control Systems, ISA-62443, etc.)
- Understanding of security controls necessary to protect both on-premises and cloud-based platforms (AWS, Azure) and applications including Active Directory, Windows server and desktop, etc.
- Familiarity with various SCADA system platform architectures, PLC programming and architectures, and HMI programming and architectures
- Exceptional technical knowledge of current network technologies, protocols and standards
- Knowledge and understanding of system flow charts, data processing concepts, and telecommunications principles
- Excellent written and verbal communication skills with the ability to effectively communicate complex concepts, policies, and procedures to individuals with a varying range of expertise, interests and backgrounds.
- Demonstrated ability to influence others, work effectively, and communicate effectively at all levels with operations, design, projects, vendors, peers, etc.
- Able to accurately articulate the requirements and priorities of both IT and OT stakeholders
- Ability to work with attention to detail and to accurately document work activities undertaken
- Able to conduct research into networking issues and products as required
- Able to prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency situations
- Proven ability to identify areas for process improvement, and then create and execute a plan for improvement.
- Able to work in a team-oriented, collaborative environment actively identify and communicate emerging security threats and industry trends
#LI-KZ1
Source : LRS