IACS Standards Specialist
|Seattle, Washington - United States
contact recruiter for details
*some* relocation assistance
WHY IS THIS A GREAT OPPORTUNITY?
Our client is a global company with a respected brand known for making the world a better, safer, more sustainable place, is currently seeking 2 experienced, driven Cyber Security Engineers in our Seattle office who possess the ability to deliver a portfolio of risk and security services directly to our clients in various industries.
This is an exciting opportunity to be in a position to take the lead role in efforts to deliver, develop and grow its portfolio across the Cyber Services market; providing technical guidance as the subject matter expert in all things cyber security including analysis; product testing information; compliance and maintenance recommendations; technical reviews and independent checks.
This role’s primary focus will center around the overseeing responsibility for reviewing, testing, and reporting on the implementation of cyber security controls for client’s products and system. The ideal candidate will have a background in security risk management and quantification experience. This role will take the lead for participation in audits of Security Development Life Cycle (SDLC) and conduct security control assessments in accordance with cybersecurity standards or frameworks including development of security assessment plans and assessment.
- Empower results for our clients by introducing innovative and effective risk management and security solutions
- Provide support to projects during the development phases
- Operate as a technical subject matter expert and mentor cross functional teams regarding integration with multiple cyber security technologies
- Lead and also participate in audits of Security Development Lifecycle including development of security assessment plans and assessment
- Perform mentoring duties to more junior staff, i.e. Lab Tech’s, Certifier Levels I, II & III reviewing evaluations, findings letters, client communication (where appropriate) and acceptance of project work as a mentor
- Run and complete the vulnerability and CRT tests with the end result of providing the client with a report and which includes the audit results
- Ensure completion of projects within established deadlines to meet or exceed client expectations.
- Determine applicable requirements/test/Standard, sample requirements and method/location for testing and evaluation to best suit the client’s needs
- Evaluate product design/construction, formulates test plans and analyzes test data to determine compliance with applicable CSA and other national or international Standards, frameworks and requirements
- Interface with clients, Certification staff from other certification groups, and other team members, including lab personnel, on any Certification related activities
- Prepare work orders for the test program for the lab. Work in collaboration with fully qualified Certifier or mentor to determine applicable tests, and collaborates with lab personnel
- Professional certification CISA, CISSP, GICSP or equivalent
- Experienced knowledge level of at least two different IACS AND General knowledge of application of IACS and roles and duties of employees at sites using IACS AND Moderate level knowledge of networking and communication protocols AND Able to independently read and interpret requirement specifications for IACS products AND Able to independently read and understand user installation and configuration documents for IACS products AND Knowledge of methods used to protect communications and detect / prevent communication attacks
- Strong interpersonal skills and proven track record in establishing and sustaining close working relationships with functional teams and subject matter experts as well as IT technical, development, and support personnel
- Understanding and working knowledge of information security data and processes
- Highly motivated, self-starting individual, and able to multi-task and manage to timelines
- Education: Bachelor’s Degree in Electrical Engineering, Computer Engineering, Computer Science or Equivalent science or engineering degree with minimum 8 years of work experience;
- Proven experience and/or proficiency in the following:
- Minimum of 4 years of detailed system level product development involvement for IACS or minimum of 4 years of systems integration experience for IACS OR Min 6 years system level product Test of IACS; this experience level includes 2 years with software security-related responsibilities and 2 years involvement with networking technologies
- Minimum 1 year of experience performing software process audit OR 2 years in position in which software process has been audited on 3 or more products
- Hands on work experience with:
- Performing compliance and risk assessment audit
- Internal and external auditors
- At least one of regulatory standards or frameworks, such as: NIST SP 800-53, NIST Cyber security Framework, IEC 62443, UL 2900, FISMA, SOX, HIPAA / HITRUST, ISO 27001, Common Criteria, COSO, COBIT, CLASP, DO-178B, IEC 61508, ISO/IEC 15408-3, Microsoft Security Development Lifecycle
University - Bachelor's Degree/3-4 Year Degree