Cyber Security Specialist 3

Overview

Company Overview:

M.C. Dean is Building Intelligence™. We design, build, operate, and maintain cyber-physical solutions for the nation’s most recognizable mission-critical facilities, secure environments, complex infrastructure, and global enterprises.

Our success relies on great people delivering innovative projects and solutions for Fortune 100 companies and the most recognized agencies in government, defense, and security.

Join our more than 4,500 employees worldwide who engineer and deploy automated, secure, and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability. Together we are creating the integrated systems and technologies that shape the built and cyber-physical world.

We offer an excellent benefits package including:

• A competitive salary

• Medical, dental, vision, life, and disability insurance

• Paid-time off

• Tuition reimbursement

• 401k Retirement Plan

• Military Reserve pay offset

• Paid maternity leave

Salary Range : $94,425 - $151,080

Position Overview:

M.C. Dean is seeking to hire a Cyber Security Specialist 3 to support the CIM Business Unit. The candidate will be required to travel to CONUS and OCONUS Government and Commercial facilities to support the development and implementation of the DoD Risk Management Framework (RMF) process.

Location: Onsite at JBAB

Responsibilities

Position Responsibilities:

· Conduct ICS/SCADA system inventories following guidance including, but not limited to U.S. Army ICS Inventory Methodology and Unified Facilities Criteria (UFC) 4-010-06, Cybersecurity of Facility-Related Control Systems.

· Assist in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process.

· Implement Implementation of DoD Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems.

· Conduct vulnerability scanning and document system vulnerabilities.

· Work in a team environment alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts.

Required Education & Experience:

• Active TS/SCI w/ polygraph clearance is required.

· 3+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity

· 5+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity

· 8+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity

· 11+ Years with a High School Diploma

· Ability to process and operate application software, to include word-processing, spreadsheets and databases.

· Must meet the Department of Defense Directive (DoDD) 8570.01 “Information Assurance Training, Certification, and Workforce Management” and DoD 8570-M “Information Assurance Workforce Improvement Program” requirements for IAM (Information Assurance Manager) Level 2, IAT (Information Assurance Technical) Level 2, OR IASAE (Information Assurance System Architect and Engineer) Level 2.

· Documented training in the following areas: network infrastructure (Cisco), Microsoft Windows.

· Experience working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.).

Qualifications

Additional Preferred Qualifications:

· 5+ years of experience working with industry and government agencies on the design of ICS platforms and integrated ICS systems

· Strongly preferred: Meet the Department of Defense Directive (DoDD) 8570.01 “Information Assurance Training, Certification, and Workforce Management” and DoD 8570-M “Information Assurance Workforce Improvement Program” requirements for IAM (Information Assurance Manager) Level 3, IAT (Information Assurance Technical) Level 3, OR IASAE (Information Assurance System Architect and Engineer) Level 3

· Familiarity with various industry ICS products

· Experience implementing a variety of security assessment tools

· Implementation of DoD Security Technical Implementation Guides (STIGs)

· Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks, ACAS, Wireshark)

· Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation

· Strong written and verbal communication skills Ability to coordinate with and support multiple team members, vendors, and government customers

· Ability to identify, maintain, and troubleshoot HMI components

· Ability to identify, maintain, and troubleshoot control network components

· Ability to interpret drawings both mechanical and electrical

· Ability to identify, maintain, and utilize SCADA systems and KPI's

· Ability to train others with lesser skills

· Ability to access all levels and areas of the facility

· Working knowledge of EMS/SCADA or other operational control systems.

· Knowledge of SCADA protocols like Modbus, IEC 60870-5-101 or 104, IEC 61850 and DNP3 and other major SCADA protocols

· Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility

· Awareness of DoD Risk Management Framework (RMF) process.

· Possession of excellent customer service and organization skills.

· Possession of excellent oral and written communication skills.

Preferred Certifications:

· Certified Information Systems Security Professional (CISSP)

· Certified Ethical Hacker (CEH)

· Certified SCADA Security Architect (CSSA) Related Control Systems.

Abilities:

· Exposure to computer screens for an extended period of time.

· Sitting for extended periods of time.

· Reach by extending hands or arms in any direction.

· Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard.

· Listen to and understand information and ideas presented through spoken words and sentences.

· Communicate information and ideas in speaking so others will understand.

· Read and understand information and ideas presented in writing.

· Apply general rules to specific problems to produce answers that make sense.

· Identify and understand the speech of another person.