Job Title: Lead OT Cyber Engineer – IT Cyber Program
Location: Los Angeles area (San Pedro, CA 90731)
Contract to hire
Lead OT
Cyber Engineer – IT Cyber Program
Job
Requirements –
IT Cyber
Program
PURPOSE:
- Responsible for the working
hands on and shaping of the terminal Cyber Security demands in
implementing, maintaining, executing the Cyber Program
- Works closely with the local
terminal IT teams, Global Cyber program management and stakeholders,
vendors to implement the Cyber Security program.
- Actively collaborate with his
business stakeholders to identify opportunities to improve efficiency and
in adopting new practices that support the Cyber Program capabilities.
PRINCIPAL
ACCOUNTABILITIES:
Overall
responsibilities are the following:
- Execution and implementation of
the Cyber Security program for facility.
- Work on improvement
opportunities, analysis, prepares recommendations and facilitates Cyber
Security enhancements. Develops business requirement documents and
specifications.
- Review and understand
implemented systems and technology ecosystem at the terminal. Control
cyber design and rollout process, optimization/continuous improvement.
- Ensure vulnerabilities
management for all terminal infrastructure, systems, and technology
assets.
- Works as directed by management
team to implement and document issues, involving gaps, lack of procedures
and processes.
- Analyze data and work with
management to develop Cyber solutions.
- Works closely with the terminal
operational and functional teams.
- Ensure proper integration of
vendor provided solutions into the overall ecosystem of Cyber Security
implementation for the terminal.
- Ensure SLAs are met and daily
KPIs are tracked and documented.
- Collaborate with the regional
teams, to identify opportunities to modernize, streamline and standardize
the Cyber Security portfolio.
Critical
Qualifications/Skills/Experience
Necessary
to perform the requirements of the position:
Education
– University or
higher vocational degree and certification in Cyber Security & industrial
IT systems.
Experience
–
- Minimum five (5) years of
implementation experience in Cyber Program, industrial automation
experience.
- Collaboration - Able to build strong working
relationships with stakeholders.
- Must possess empathy, personal
tact, cultural understanding, and well-developed communication skills
(cross functional as well as on different levels).
Must
haves – The candidate must have experience in all or most of the following
areas for successful implementation of the Cyber Program.
- Experience with Cyber policies,
making IT hardening policy
- Experience with OT hardening
policies, documenting & implementing IT hardening policy
- Experience with making Purdue
visualization
- Defining the cyber requirement
of BCP plans
- Experience with development and
implementation of critical incident response plan (CIRP)
- Experience in definition &
implementation of cyber policy on backup & recovery policy
- Conducting cyber awareness
training
- Validation & cyber exposure
on physical layer, access control
- Definition and hands-on in
implementation of physical layer, perimeter control
- Definition and hands-on in
implementation of cyber isolation of edge equipment
- Definition and hands-on in
implementation of perimeter security for WAN equipment
- Definition and hands-on in
implementation of reverse proxy controls
- Defining and hands-on in
implementing network layer security NAC,
ACL
- Defining and hands-on in
implementing network layer network segregation
- Defining and hands-on in
implementing host layer hardening practice
- Defining and hands-on in
implementing host layer firmware management
- Defining and hands-on in
implementing cyber program support management
- Managing AV scans in production
environment
- Managing vulnerability in
production environment
- Managing accounts &
exposure in production environment
- Hands on experience with Cyber
policy and control implementations for technology system protocols
- Hands on experience with Cyber
policy and control implementation for application layer
- Hands on experience with Cyber
policy and control segregation of network and action
- Hands on experience with Cyber
policy and control segregation for role management
- Implementation of policy
measures for data encryption
- Implementation of policy
measures for data ingress, egress management
Functional
Excellence –
- Ability to provide leadership,
obtain cooperation and assistance to meet objectives. Ability to produce
high-quality work under pressure (time and resources), and to apply
analytical thinking and creative problem solving to daily tasks. Must be
well-organized, punctual, and persistent (personal discipline) with strong
internal client service skills.
DIMENSIONS:
The
physical demands and work environment characteristics described here are
representative of those that must be met by an employee to successfully perform
the essential functions of this job. Reasonable accommodations may be made to
enable individuals with disabilities to perform the essential functions.
Work is
performed mainly indoors (90%) but it will require to perform some coordination
activities outdoors, specially under testing phase.
NATURE
AND SCOPE:
- Reports to regional and global
Cyber Security program team.
- This is a consulting position,
has no direct reports, however they may have multiple contractors and 3rd
party vendors to monitor and supervise.
- This position works with both
internal and external stakeholders.
- This is a domestic position
based in Los Angeles, CA, USA
WORK AND
BUSINESS CONTACTS:
Internal
stakeholders:
- Regional and global cyber
security program teams
- Terminal IT applications
manager
- Terminal IT infrastructure
manager
- Head of IT
- Regional CIO
- Terminal leadership team
External
stakeholders:
3rd party vendors