Cyber Security Consultant

Note: Consultant can sit in Kansas City, Houston, or Atlanta Offices.

• Execute the planning, design, development, and implementation of technical controlling, procedures, and policies associated with cybersecurity compliance and/or regulatory standards.
• Maintain the highest level of integrity, protecting the confidentiality and security of all clients and project information.
• Identify and diagnose operational issues and implement design alterations to address these issues.
• Conduct vulnerability assessments of OT networks for cybersecurity, risk management, and/or compliance purposes.
• Perform detailed, post-event analysis of unusual events and direct needed procedure or process changes in response.
• Pursue, obtain, and maintain industry-recognized certifications related to cybersecurity including ethical hacking, penetration testing, network engineering, Industrial Controlling System (ICS), Supervisory Controlling & Data Acquisition (SCADA), risk management, and others as necessary.
• Resolve technical issues, analyze implications to the client’s business, and communicate them with applicable stakeholders within the business.
• Develop policies and procedures for secure process controlling of the network design, technical and design recommendations to implement firewalls, unidirectional gateways, zero trust design, and other network security controlling.

• Minimum 8 years of industrial cybersecurity experience.
• Knowledge and experience with ISA/IEC 62443, NIST Cybersecurity Framework (NIST CSF) and ideally NIST SP800-82 requirements.
• Experience with security engineering principles, various cybersecurity assessment methodologies, security controlling implementation and validation, and system life-cycle practices.
• Experience in the capabilities and/or configuration of cybersecurity controlling; specifically, those relating to firewalls; identity and access controlling; zero-trust security, authentication, and authorization; anti-virus/anti-malware; patch management; network and system hardening; SIEM implementation and/or tuning; and logging.
• Experience working with development teams to determine application requirements.
• Ability to operate under pressure and tight deadlines onsite within industrial, corporate, and government work settings.
• Demonstrated understanding of business principles and operational security practices specific to engineering and/or security consulting.
• Knowledge and/or experience with both legacy and modern computer networking and telecommunications systems.
• Experience with physical cabling for network communications and controlling system input/output.
• Bachelor's degree in a technical field, (e.g., Cybersecurity, Industrial Cybersecurity, Industrial Cyber Engineering, Cyber-Physical System Security, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experience.
• Additional applicable years of experience may be considered in place of degree requirements
• Advanced knowledge of security principles and firm knowledge of cybersecurity technologies, as well as industry-recognized certifications.

• Advanced knowledge of controlling systems utilized by Oil, Gas, and Chemicals; Manufacturing; Utilities (Power and/or Water); Energy; transportation; etc.