Description & Scope of New Role

ICS Security Analyst

The person filling this role will report to the Security Operations Manager and will provide support, monitoring and control reviews for all cyber operations technologies.

The ICS Security Analyst will conduct relevant vulnerability/risk assessments and act as a point of contact for security assessments, security audits, and security testing. The role will assist in the analysis and input to remediation steps for cyber security events and incidents across the Industrial Control Systems (ICS) and Operational Technology (OT) estate and technologies. He or she will possess knowledge of ICS and OT Security concepts including having experience of regulatory and best practice frameworks such as IEC-62443, ISO-27001 and NIST.

Knowledge, Skills and Experience

Minimum of three years relevant experience in similar roles, working for comparable organisations;
Relevant third level degree in a related field is a requirement;
Good communication skills and the ability to influence effectively;
Ability to work as part of a team or individually as required.

Main Duties and Responsibilities

ICS Security Analyst – including but not limited to:

Supporting technical and security standards and cyber operations management of the ICS and OT technical estate;
Performing day to day support of security monitoring activities, including vulnerability assessments, penetration testing, threat intelligence, threat hunting and implementing security policies & procedures;
Responsible for logging security events, monitoring and responding to any potential attacks;
Performing regular threat and vulnerability scans and providing security penetration testing oversight;
Identify and assess security risks by monitoring, tracking and escalating as appropriate;
Assist in determining security violations and inefficiencies by working collaboratively with the various IT teams;
Assist in investigations of security issues and breaches and reviewing findings with team and key stakeholders;
Assist in selection, adoption decisions and installations of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements;
Partake in efforts to remediate security alerts and respond to security related incidents;
Assisting in the delivery of internal technology security projects in conjunction with the IT/OT/ICS Teams;
Providing input into the technology security baseline planning;
Help shape and evidence that security acceptance criteria are defined and agreed for projects;
Assist with the development of mitigation plans to bring any identified security risks within the accepted risk tolerance;