Cybersecurity Analyst

at STANLEY CONSULANTS INC (NEW) in Chicago, Illinois, United States

Job Description

Description POSITION SUMMARY: Support projects by addressing Facility Related Control System (FRCS) and Industrial Control System Cybersecurity, utilizing Information Technology (IT) information and techniques. Technical focus, working with networking, systems, design, and development teams advising them on security topics and helping review and confirm implementations. Support the execution of projects consisting of network design and re-design, cybersecurity vulnerability assessments, secure system design and integration, and/or development of cybersecurity programs for clients in a wide variety of industries utilizing the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF), DoD 8500.01, UFC 4-010-06, and other industry specific compliance frameworks and regulations. PRIMARY RESPONSIBILITIES: Review, develop materials, and recommend technical, administrative, and physical controls to mitigate identified cybersecurity risk. Participate in project meetings with the client to identify existing cybersecurity controls and what controls/processes need to be included in the design. Prepare design documents with provisions for proper cybersecurity compliance with applicable standards. Perform risk assessments of IT infrastructure and applications and make recommendations for improvements. Review system architecture for compliance with security frameworks, best practices and/or regulatory requirements. Review and recommend firewall configurations to secure internet facing systems. Review and analyze security alerts and vulnerability notices from vendors and other security sources. Ability to travel nationally or internationally. Some travel is expected for this position. QUALIFICATIONS: Bachelor's Degree or equivalent work experience in Cybersecurity, Computer Science, Computer Engineering, Electrical Engineering, Information Systems Security or equivalent. CISSP certification or equivalent required. US citizenship required. Familiar with NIST SP 800 series and CSF security frameworks desired. Familiar with information security systems such as firewalls, IDS/IPS, SIEM, vulnerability management, antivirus, access control, authentication, patching, and logging. Demonstrates knowledge of applicable cybersecurity standards involving control systems, including those relating to process networks. Background in design of cybersecurity systems required. Military FRCS cybersecurity background preferred. Power distribution (NIST) knowledge preferred. COMPETENCIES: Direction Demonstrates willingness to take on responsibilities and challenges; fulfills obligations reliably and dependably. Determines how a system should work and how changes in the conditions and operations will affect outcomes. Identifies indicators of system performance and actions needed to improve performance relative to the goals. Attention to Detail - Thorough when performing work and conscientious about details. Collaboration Listens actively to understand what people say, asks questions, and speaks to convey information effectively. Effective Communication - Expresses information to individuals or groups effectively, considering the audience and nature of the information (for example, technical or sensitive). Coordinates work with others, adjusting actions in relation to others' actions; reconciles differences when needed. Works with clients to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Innovation Identifies complex problems and reviews related information to develop options and implement solutions. Uses logic and reasoning to identify strengths and weaknesses of alternative solutions or approaches to problems. Considers the relative costs and benefits of potential actions to choose the most appropriate ones. Development Understands the implications of latest information for current and future problem-solving and decision-making. Teaches others about information security and provides resources to facilitate learning and security. Expertise Basic understanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry recognized certifications. General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved in both. General knowledge of the capabilities and/or... For full info follow application link. Equal Opportunity Employer: Minorities, Women, Veterans, Disabilities. • All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin. We are also an equal opportunity employer of individuals with disabilities and protected veterans. • Please view Equal Employment Opportunity Posters provided by OFCCP here.
Copy Link

Job Posting: 11501102

Posted On: Dec 04, 2023

Updated On: Dec 08, 2023

Please Wait ...