ICS - Principal Field Service Engineer
Warrendale, US
Your Role and Responsibilities:
-
Secure Operations Management: Enforce company policies and practices to ensure that all products and systems are compliant with cybersecurity standards. This is a hands-on role that actively participates in security operations.
-
Security Risk Assessment: Provide input for security risk assessments and compliance audits, identifying potential information and network security vulnerabilities.
-
Operational Incident Handling: Manage the detection, response, mitigation, and reporting of incidents within the environment. This role is responsible for hands-on incident resolution and actively participating in the incident response process.
-
Vulnerability Management: Participate in the IT vulnerability management program by classifying vulnerabilities, providing remediation guidance, and working with the team to prioritize and address vulnerabilities.
-
Compliance and Policy Enforcement: Ensure compliance with relevant cybersecurity compliance regulations. Execute company policies to maintain compliance.
-
Documentation: Document standard operating procedures and guidelines. Develop, maintain, and publish standards to mitigate risk and influence user behaviors. Assist in reviewing and documenting exceptions to security standards.
-
Security Technology Evaluation: Investigate and recommend security technologies and solutions to support secure development functions.
-
Technical Guidance: Provide technical guidance and consultation related to information security issues. This is a hands-on role that actively contributes to the resolution of security challenges.
-
Process Performance: Actively participate in security processes and procedures, ensuring their effectiveness and efficiency.
-
Weekly Meetings: Be an active member of secure development meetings, providing updates, insights, and participating in the decision-making process.
-
Travel up to 85%, typically when deploying systems to the field for installation and commissioning
-
Maintain in-depth knowledge of Westinghouse deployed solutions for cyber security and distributed control and information systems.
-
Professional interaction with WEC Customers.
Required Technical and Professional Expertise:
-
Bachelor's degree in a relevant field or associate’s degree and equivalent experience, coupled with high proficiency operating in Enterprise OT Security.
-
Proven experience in cybersecurity operations, risk assessment, and incident management, along with demonstrated supervisory experience.
-
Strong knowledge of cybersecurity best practices, compliance regulations, and industry standards.
-
Hands-on experience with security tools and technologies.
-
Excellent communication and teamwork skills.
-
Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
-
Minimum 5+ Years of installation and troubleshooting experience in Operational Technology / Information Technology with 5* Years experience leading a large-scale cyber security program. typically, 10+
-
Ability to be granted 10 CFR 73.56 Trustworthy and Reliability Clearance for US Nuclear Plant Entry
-
Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing area of expertise from qualified and reputable vendors and certification agencies.
-
Experience with interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical controls, ISO 27001 & 27002, NEI-08-09, NEI 13-10 into Cybersecurity Program, Policy & Procedures.
-
Excellent team leadership, technical teamwork, written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
-
Strong risk analysis, risk management and proven experience in reducing risk to the organization.
Preferred Technical and Professional Expertise:
-
Familiarity with modern enterprise security practices both on-premises and Cloud.
-
Demonstrated internal team collaboration and external vendor management.
-
Demonstrated experience with VMWare and ESXi.
-
Familiarity with Rapid7 Vulnerability Management tools.
-
Familiarity with current and legacy Windows and Linux operating systems.
-
Demonstrated experience with Security Audit Assessments
Job Segment:
Nuclear Engineering, Power Plant, Maintenance, Field Engineer, Information Security, Engineering, Energy, Manufacturing, Technology