Principal Consultant - Security Consultant - NYSTEC : Job Details

About UsNYSTEC is a nonprofit technology consulting company advising agencies organizations institutions and businesses since 1996 Were independent and vendor neutral so we have our clients best interests at heart At NYSTEC we know that we succeed when individuals and teams flourish personally and professionally so our benefits and perks support that mindset About the RoleAs a security consultant in the Cybersecurity and Data Privacy Practice you will collaborate with team members to conceptualize deliver and support our clients through todays ever changing cybersecurity landscape NYSTEC is considered a trusted advisor partner of choice and employer of choice We believe that every interaction is an opportunity to deliver exceptional service that empowers client success Serving as a security consultant your day to day role will include supporting an operational technologyindustrial control systems OTICS and supervisory control and data acquisition SCADA security program This may include performing security compliance assessments primarily related to OTICS and SCADA systems as well as National Institute of Standards and Technology NIST 800 53 and NIST 800 82 compliance assessments The successful candidate will have a demonstrated desire to learn and acquire new skills Key ResponsibilitiesOrganize project work into client presentations outlining findings and recommendationsParticipate in internal public conferences and client facing meetingsPrepare reports and presentationsWhen necessary assume full responsibility and accountability for executing projects or programs including defining project roles and responsibilities conducting project planning and tracking activities and communicating project status upward and to client project managersProactively share information that will make colleagues and clients more successfulProvide feedback to management on team member performanceMentor and lead colleaguesChampion the NYSTEC behaviorsAbout YouRequired QualificationsTraining andor experience with OTICS and SCADA systemsKnowledge of ICSOT SCADA vulnerability analysis and risk managementKnowledge and awareness of critical infrastructure risks and mitigation best practicesExperience with any of the following ICSOT security compliance frameworksCybersecurity Capability Maturity Model C2M2US Department of Homeland Security Cross Sector Cybersecurity Performance Goals DHS CPGNorth American Electric Reliability Corporation Critical Infrastructure Protection NERC CIPNational Institute of Standards and Technology Cybersecurity Framework NIST CSFSANS ICS Five Critical ControlsNIST 800 82 Guide to Operational Technology OT SecurityEuropean Union Agency for Cybersecurity Guide to Protecting Industrial Control Systems EUInternational Society of AutomationInternational Electrotechnical Commission 62443 ISAIEC 62443Skills across multiple cybersecurity domains and the assessment of riskAbility to understand the root causes of vulnerabilities and to articulate those in written and verbal communications to clientsKnowledge of and experience with the implementation and validation of security controls and security governanceExperience with NIST 800 30 style risk assessments and organizational cybersecurity maturity assessmentsAbility to participate and collaborate in the business development and sales process by assisting with project proposals presentations and new client activitiesWillingness to seek knowledge and expertise through professional development within your specialty and to follow up with action to improve quality and establish best practicesAbility to foster strong relationships with clientsDesired QualificationsExperience with OTICS security compliance assessmentsCertifications andor experience specific to OTICS security controls and risk managementCertified information systems security professional CISSP certification or equivalentEducation and ExperienceA bachelors degree in cybersecurity or a related field of study and eight years of relevant experience An equivalent combination of advanced education training and experience will be consideredIt is NYSTECs policy to provide equal employment opportunity EEO to all individuals regardless of actual or perceived race color creed religion sex or gender including pregnancy childbirth and related medical conditions gender identity or gender expression including transgender status age national origin ancestry citizenship status physical or mental disability protected medical condition as defined by applicable state or local law genetic information military service and veteran status sexual orientation marital status or any other characteristic protected by local state or federal laws and ordinances NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities Please contact recruitmentnysteccom if you require a reasonable accommodation to apply for or to perform this job Examples of reasonable accommodation include making a change to the application process or work procedures providing documents in an alternate format using a sign language interpreter or using specialized equipment Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future Learn more about NYSTEC by visiting wwwnysteccom