Sr OT Cyber Defense Systems Engineer
- Philadelphia, PA
PRIMARY PURPOSE OF POSITION:
Responsible for the maintenance and operation of ICS SOC monitoring tools, servers and appliances. Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware, software, and documentation that are required to effectively manage network defense.
- Continually monitor, refine & improve upon the security technologies utilized by the ISOC and Cybersecurity for OT monitoring. Perform system administration on specialized cyber defense applications and systems (e.g., ticketing system, SIEM, appliances, etc.) to include installation, configuration, maintenance, backup and restoration. Build, install, configure, and test dedicated cyber defense hardware.
- Deploy new OT data source feeds into Splunk & develops initial content for monitoring. Engage with and maintain close relationship with ISOC & OT teams to understand use case needs. Monitor Splunk infrastructure performance
- Installation, configuration, maintenance, and deployment of RHEL servers according to documentation
- Installation, configuration, and maintenance of cyber security applications.
- Create and maintain extensive documentation of system configuration and maintenance procedures including required OT Security Governance documentation
- Creation of scripts to facilitate server maintenance
- Lead projects to further enhance security technologies, practices, processes
- Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 or more years of solid, diverse experience in cyber security systems operations, or equivalent combination of education and work experience.
- At least 3 years of demonstrated experience in the energy sector
- 5+ years of experience as administrator of Linux servers in large enterprise environment
- Knowledge of systems administration concepts.
- Skill in conducting system/server planning, management, and maintenance.
- Skill in correcting physical and technical problems that impact system/server performance.
- Familiarity working in restricted network
- Experience and capability with one or more scripting languages including perl, python, shell scripting including bash and other shells
- Experience with installation, configuration and maintenance of open source software including OpenSSH, OpenSSL, Squid, OpenLDAP
- Experience maintaining central authentication infrastructure for Linux fleet including LDAP
- Experience managing vendor relationships, obtaining support from vendors
- Proven analytical and problem solving skills
- Knowledge of systems testing and evaluation methods.
- Graduate degree in cyber security or related area of expertise.
- At least 3 years of experience as part of an electric utility
- Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
- Industry certifications including Linux and cyber security certifications
- Skill in using security event correlation tools.
- Knowledge of system life cycle management principles, including software security and usability.
- Demonstrated knowledge of cyber defense policies, procedures, and regulations.
- Demonstrated advanced knowledge in the area of Cyber SOC operations; particularly in Cyber Security Systems Engineering
- Knowledge of local specialized system requirements (e.g., Industrial Control Systems that may not use standard information technology [IT]) for safety, performance, and reliability.
Back to top