OT - Cyber Security Principal Engineer

Are you interested in being part of an innovative team that supports Westinghouse’s mission to provide clean energy solutions? At Westinghouse, we recognize that our employees are our most valuable asset and we seek to identify, attract and recruit the most qualified talent while recognizing and encouraging the value of diversity in the global workplace.

 OT - Cyber Security Principal Engineer

OT – Cyber Security Principle Engineer- This is a Mobile role - with onsite work at either our Cranberry Township, PA or Warrendale, PA site, 1-2 days per week.

Your Role and Responsibilities

• Secure Operations Management: Enforce company policies and practices to ensure that all products and systems are compliant with cybersecurity standards. This is a hands-on role that actively participates in security operations.
• IT Coordination: Collaborate with the Information Technology department to manage and enhance the secure development functions.
• Security Risk Assessment: Provide input for security risk assessments and compliance audits, identifying potential information and network security vulnerabilities.
• Operational Incident Handling: Manage the detection, response, mitigation, and reporting of incidents within the environment. This role is responsible for hands-on incident resolution and actively participating in the incident response process.
• Vulnerability Management: Participate in the IT vulnerability management program by classifying vulnerabilities, providing remediation guidance, and working with the team to prioritize and address vulnerabilities.
• Compliance and Policy Enforcement: Ensure compliance with relevant cybersecurity compliance regulations. Execute company policies to maintain compliance.
• Documentation: Document standard operating procedures and guidelines. Develop, maintain, and publish standards to mitigate risk and influence user behaviors. Assist in reviewing and documenting exceptions to security standards.
• Security Technology Evaluation: Investigate and recommend security technologies and solutions to support secure development functions.
• Technical Guidance: Provide technical guidance and consultation related to information security issues. This is a hands-on role that actively contributes to the resolution of security challenges.
• Process Performance: Actively participate in security processes and procedures, ensuring their effectiveness and efficiency.
• Weekly Meetings: Be an active member of secure development meetings, providing updates, insights, and participating in the decision-making process.

Required Technical and Professional Expertise

• Bachelor's degree in a relevant field or equivalent experience, coupled with high proficiency operating in Enterprise OT Security.
• Proven experience in cybersecurity operations, risk assessment, and incident management, along with demonstrated supervisory experience.
• Strong knowledge of cybersecurity best practices, compliance regulations, and industry standards.
• Hands-on experience with security tools and technologies.
• Excellent communication and teamwork skills.
• Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
• Minimum 5+ Years of managerial experience in Operational Technology / Information Technology with5* Years experience leading a large-scale cyber security program. typically, 10+
• Ability to be granted 10 CFR 73.56 Trustworthy and Reliability Clearance for US Nuclear Plant Entry
• Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing area of expertise from qualified and reputable vendors and certification agencies.
• Experience with interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical controls, ISO 27001 & 27002, NEI-08-09, NEI 13-10 into Cybersecurity Program, Policy & Procedures.
• Excellent team leadership, technical teamwork, written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Strong risk analysis, risk management and proven experience in reducing risk to the organization.

Preferred Technical and Professional Expertise

• Familiarity with modern enterprise security practices both on-premises and Cloud.
• Demonstrated internal team collaboration and external vendor management.
• Demonstrated experience with VMWare and ESXi.
• Familiarity with Rapid7 Vulnerability Management tools.
• Familiarity with current and legacy Windows and Linux operating systems.
• Demonstrated experience with Security Audit Assessments

Why Westinghouse?

Westinghouse Electric Company is the global nuclear energy industry’s first choice for safe, clean, and efficient energy solutions. We enable our delivery of this vision by living our value system:

• Safety and Quality
• Integrity and Trust
• Customer Focus and Innovation
• Speed and Passion to Win
• Teamwork and Accountability

Westinghouse offers competitive benefits to all our employees around the globe to keep them healthy and enhance their well-being.  In the U.S. the following are representative of what we offer:

• Competitive Salary
• Comprehensive Health, Wellness and Income Protection Benefits
• 401(k) Savings Plan with Company Match
• Paid Vacations and Holidays
• Opportunities for Flexible Work Arrangements
• Educational Reimbursement Program
• Employee Referral Program

While our Global Headquarters are located in Cranberry Township, PA, we have over 9,000 employees working at locations in 19 different countries. You can learn more by visiting http://www.westinghousenuclear.com.

EOE of Minorities / Females / Vets / Disability.

Get connected with Westinghouse on social media:
Twitter | Facebook | LinkedIn| YouTube