Cybersecurity Network Security Engineer (CISSP certified)

Cyber Security Network Security Engineer (CISSP Certified)

Futrend Technology, Inc. is an innovative business and technology solutions provider. Our primary focus and core competencies are in Healthcare IT, Federal Financial Management, and Grants Management. We excel at providing customers with high-value solutions that support their missions and meet their most critical objectives and business needs. We provide full life-cycle IT services to Federal agencies with recognized excellence in complex real-time system integration and enterprise-wide system implementation.

Responsibilities

Responsibilities include:

• Conduct inventory of client hardware and software assets, assessing them for security vulnerabilities, obsolescence, and other risks.

• Review network architectures to ensure adherence to best practices (e.g., “zones & conduits” concept, proper network segmentation, use of Industrial DMZ) and provide recommendations to comply with applicable cybersecurity frameworks.

• Evaluate security products (e.g., firewalls, Intrusion Detection Systems [IDS], Intrusion Prevention Systems [IPS]) to ensure proper configuration and optimal performance.

• Deploy network infrastructure devices (e.g., switches, routers), security appliances (e.g., firewalls, IDS), and virtualization solutions to support secure operations.

• Review U.S. government cybersecurity policies, plans, and procedures; assess network monitoring capabilities; analyze system logs, security events, and packet captures to identify security threats; and provide recommendations for compliance with applicable cybersecurity frameworks.

• Evaluate administrative, technical, and cybersecurity controls, offering recommendations to mitigate identified cybersecurity risks.

• Perform cybersecurity vulnerability and risk assessments in manufacturing and critical infrastructure environments to identify risks (e.g., unsecure remote access points, suspicious remote connections, unauthorized devices) and provide remediation recommendations.

• Create detailed diagrams (e.g., network, cabling, server, rack, logical architecture) and develop procedures and plans (e.g., implementation, Site Acceptance Testing [SAT], mitigation) to support project requirements.

• Develop mitigation plans to address vulnerabilities and provide support during remediation efforts.

• Serve as the ICS/OT/IoT Subject Matter Expert (SME), collaborating with cross-functional teams, vendors, and customers to address inquiries, requests, and projects.

• Design and implement segmented network architectures based on the Purdue Model to enhance cybersecurity and operational efficiency.

• Evaluate, craft, and implement security solutions specific to ICS and OT environments, ensuring alignment with NIST 800-82 guidelines while meeting performance, dependability, and safety requirements.

• Travel to NIH sites as required to support on-site assessments and implementations.

Qualifications

Required Experience

• Certified Information Systems Security Professional (CISSP)

• Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field

• Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, Perdue Reference Model etc.)

• Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.)

• A minimum of Five (5) years “hands on” experience assessing, designing, and implementing ICS/OT network architectures

• Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architecture and communication technologies

• Experience with Nazomi Cyber-Physical System (CPS)

Preferred Experience

• Certified SCADA Security Architect (CSSA)

• GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection)

• ISA/IEC 62443 Cybersecurity Certificates

• Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)

• Cybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.)

• Understanding of MITRE ATT&CKS for ICS or NERC CIP frameworks

• Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53)

• A working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.)

• Ability to perform vulnerability / penetration testing in ICS/OT environment, and/or threat hunting

• Prior experience Control System Engineer or SCADA Engineer working in manufacturing environments or power generation facilities

• Certified professional engineer

Compensation details:

PI60d74eaf27f7-37483-37722824