Industrial Control Systems Security Consultant
FireEye, Inc.
Dubai, United Arab Emirates
21 days ago
source : Smart Recruiters
Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.


Job Description

Protect industrial networks and ICS/SCADA systems.

Our Industrial Response Security Consultants combine industry-leading FireEye security technology and intelligence to deliver incident response, compromise assessments and threat modeling to clients within the Industrial Control Systems space.

The risk profile of control systems is continually changing as Operational Technology (OT) and IT networks become increasingly interconnected. The changing risk profile increases FireEye's need to assist clients in preventing, detecting, responding to, and recovering from cyber security incidents involving control systems. Our investigations expose threats targeting power plants, water, manufacturing systems, and other control systems. Our teams then develop innovative analytics for detection, support investigations, and incident response solutions.

Responsibilities:

  • Act as a subject matter expert (SME) on ICS matters to the larger consulting practice
  • Conduct log analysis, host and network forensics in support of incident response investigations
  • Work with IT and OT client staff to conduct a thorough investigation and implement an effective remediation strategy
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied in current and future investigations
  • Hunt for active threats and malicious activity within control systems and identify possible attack vectors
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Conduct tabletop exercises based on first-hand knowledge of real-world attacks to help organizations better prepare for future attacks
  • Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel

Qualifications

Requirements:

  • Excellent verbal and written communication skills
  • Hands-on experience in log analysis, host and network forensics
  • Hands-on experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI and Distributed Control Systems (DCS)
  • Well-versed in various control frameworks, including: IEC 62443, NERC CIP, NIST
  • Fundamental understanding of IT and OT network communication protocols (For example: TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
  • Familiarity with Unix and Windows operating systems and administrative tools

Additional Qualifications:

  • Willingness to travel up to 50%
  • Ability to successfully interface with both internal and external clients
  • Ability to document and explain technical details in a concise, understandable manner
  • Self-motivated and results focused; ability to strengthen the team and its mission
  • Global Industrial Cybersecurity Professional (GICSP), Certified SCADA Security Architect (CSSA), or Certified Information Systems Security Professional (CISSP) Certifications a plus 


Additional Information

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

