Job Details

Associate Cyber Security Specialist (CORPORATION)

Washington, DC, United States
  • Employment Type: Direct Hire
Our client, a leading provider of energy efficiency and renewable energy solutions, is seeking an Associate Cybersecurity Specialist to join their team. This individual will be responsible for determining the cybersecurity standards and procedures applicable to clients and projects, specifically involving Risk Management Framework in the federal space. The ideal candidate will have experience working cross-functionally and collaborating with other business units and teams including project managers, design engineers, construction managers, and more. The Associate Cybersecurity Specialist will support internal risk assessments, working with third party vendors and consultants, while also performing some in-house risk assessments themselves.  The ideal candidate will have an interest and passion for designing, developing, and implementing cybersecurity plans that meet requirements for mitigating risk across the organization. Experience working in the energy and federal verticals is preferred! Send resumes to [email protected]

Responsibilities:
  • Determines the cybersecurity standards and procedures that apply to each client and project (e.g. Risk Management Framework (RMF)
  • Assesses the level of cyber security risk posed to the site by the proposed project; develops a written cybersecurity plan that meets the contract requirements for mitigating such risk
  • Collaborates with project managers, design engineers, construction managers, and O&M staff to guide them in incorporating the requirements of the cyber security plan into the design, equipment procurement, construction, commissioning, and operation and maintenance of the energy project
  • Supports periodic risk assessments of cybersecurity plans using third-party reviewers; where third-party execution of the risk assessment is not required contractually, self-performs risk assessments in-house; prepares written annual reports and risk assessments for each project
  • Periodically inventories system configuration integrity, software and firmware updates, accesses credentials and similar tasks to sustain or improve the security of installed systems
  • Maintains standard procedures to support cybersecurity requirements at all project-sites
  • Maintains cybersecurity sustainment plans that provide a sequence of notifications, procedures, and definitive actions for breaches and identified weaknesses, as well as periodic maintenance, and system integrity and vulnerability evaluations; assures that systems receive software, firmware, and operating system updates and patches as appropriate, and maintains proper documentation of same
  • Provides support of new plant systems, including participation in the development of commissioning documents, witnesses and participates in commissioning activities, and appropriate contribution to documented commissioning results to assure compliance with cybersecurity requirements
  • Supports development and ongoing review of standard operating procedures
  • Monitors and preserves contractual performance requirements to client in all actions
  • Maintains effective business relationships with existing vendors and service providers, and with on-site customer and corporate staff
  • Maintains compliance with company, industry, trade, and jurisdictional safety standards, practices, codes
  • Performs other duties as required
Qualifications:
  • Bachelor’s Degree in Computer Engineering, Engineering or Computer Science from a four-year technical engineering ABET accredited institution
  • Some experience with HVAC and industrial control systems, common control system software, hardware platforms and communications protocols, serial and packet networks
Preferred Qualifications:
  • Coursework and/or experience related to electrical power systems, engineering design, with exposure to facility operations and projects involving co-generation, engine-generators, heating & cooling plants and systems, building and industrial controls and instrumentation, and automation technologies
  • Understanding of network concepts surrounding VLANs, various access control methods, local and centralized authentication, VPNs, and encryption
  • Excellent verbal, written, computer, technical data, spreadsheet, and communication and organizational skills
  • MS Office proficiency required with advanced Excel and Word experience preferred
  • Proven ability to manage and complete multiple tasks in a timely, cost-effective manner
  • Valid Drivers’ License issued by state of residence and in good standing
  • Will be required to pass security clearance investigation
  • Occasional regional travel may be required
  • Day shift hours, with occasional after-hours / on-call duties required
  • Willingness to work toward and ultimately attain the Certified Information Systems Security Professional (CISSP) certification or Global Industrial Cyber Security Professional (GICSP) certification.

Interested in this job? Get in touch.

(Accepted file formats are PDF, DOC, DOCX, TXT, RTF and ZIP. File size maximum is 2 MB.)