Industrial Control Systems (ICS) Security Engineer

• ICS Security: Serve as the first point of contact for investigating security incidents related to Industrial Control Systems (ICS). Collaborate with the blue team to design, implement, and maintain security measures for ICS environments, ensuring the protection of operational technology (OT) from cyber threats. Lead initial incident investigations, provide detailed analysis, and coordinate the response to mitigate risks to ICS infrastructure. • Data Center Security: Manage and improve security controls and frameworks for data centers, focusing on network, system. • Risk Assessment: Conduct regular risk assessments on ICS and data center environments to identify vulnerabilities and recommend mitigation strategies. • Incident Response: Develop and maintain incident response plans specific to ICS and data center environments; Develop remediation actions. • Compliance & Standards: Ensure adherence to industry standards and regulations such as NERC CIP, IEC 62443, and ISO 27001, among others. • Security Audits: Perform regular security audits of ICS networks, protocols, and data center systems, ensuring that all infrastructure aligns with company security policies. • Vulnerability Management: Collaborate with teams to implement and manage vulnerability management programs for ICS and data center systems. • Network Security: Design and manage secure network architectures for ICS and data center infrastructures, including firewall configurations, VPN, and access control systems. • Collaboration: Work with IT, OT, and engineering teams to integrate security best practices in new deployments and ongoing operations. • Security Awareness: Educate internal teams on security risks and best practices for both IT and OT systems. • Third-Party Vendor Risk Management (TVRM): Experience in assessing, monitoring, and managing security risks associated with third-party vendors, ensuring compliance with company policies and industry standards.