End client: IBM
Job Description: Cybersecurity Expert (Incident Response Readiness for OT Systems)
Location: Remote - US Based
Overview
We are seeking an experienced Cybersecurity Expert specialized in assessing incident response readiness for Operational Technology (OT) systems. This role will involve in-depth evaluation and benchmarking against multiple IR frameworks including but not limited to NIST 800-61, ISO 27035, CIS Critical Security Controls, and the SANS Incident Response Process. The candidate will be an integral part of our cybersecurity efforts, driving improvements in our OT cyber defense mechanisms.
Responsibilities
- Assess the existing incident response plans for OT systems in compliance with multiple guidelines such as NIST 800-61, ISO 27035, CIS Critical Security Controls, and the SANS Incident Response Process.
- Perform comprehensive incident response readiness audits, which include simulated cyber-attacks, tabletop exercises, and documentation reviews.
- Generate detailed assessment reports outlining the effectiveness, gaps, and maturity levels of existing incident response capabilities, offering both strategic and tactical recommendations for improvement.
- Evaluate and tune incident detection and response tools such as IDS/IPS, SIEM, and other alerting mechanisms specific to OT environments.
- Work collaboratively with OT and IT teams to implement suggested improvements and best practices for incident response, including coordination and communication protocols during an incident.
- Design and deliver customized training modules for OT personnel on incident response protocols and procedures based on the frameworks mentioned above.
- Remain up-to-date on the latest cybersecurity trends, vulnerabilities, and threat vectors specific to OT systems to ensure ongoing resilience and compliance.
- Engage with external cybersecurity consultants and auditors for objective assessments and audits.
- Ensure alignment of incident response plans with local, state, and federal regulations, as well as industry-specific compliance requirements.
Qualifications
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field.
- Minimum of 5-7 years of experience in cybersecurity with a strong focus on incident response readiness assessments.
- At least 2-3 years of experience in working with Operational Technology (OT) systems.
- Deep understanding of multiple IR frameworks including NIST 800-61, ISO 27035, CIS Critical Security Controls, and the SANS Incident Response Process.
- Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Incident Handler (GCIH), or equivalent.
- Strong understanding of OT protocols such as LONWORKS, MODBUS, DNP3, and S7.
- Excellent communication skills and ability to work in collaborative environments.
Skills
- Analytical mindset and superior problem-solving abilities.
- Excellent verbal and written communication skills.
- Familiarity with security monitoring tools like IDS/IPS, SIEM, etc.
- Programming/scripting experience in languages such as Python, Shell scripting, or similar, is an asset.
- Capacity to work effectively under pressure and manage crises.