Operational Technology Cybersecurity Engineer, Global

About Vantage Data Centers

Vantage Data Centers powers, cools, protects and connects the technology of the world’s well-known hyperscalers, cloud providers and large enterprises. Developing and operating across North America, EMEA and Asia Pacific, Vantage has evolved data center design in innovative ways to deliver dramatic gains in reliability, efficiency and sustainability in flexible environments that can scale as quickly as the market demands.

Position Overview

The Vantage Cybersecurity Department is very hands-on. In most cases, we deploy, configure  and maintain all OT cyber monitoring equipment. We provide governance for the purchase, configuration, and maintenance on the OT environment with a keen focus on cybersecurity measures. We also work closely with partner Value Added Resellers (VARs) to learn about the latest technological changes and cybersecurity trends so that we can make informed purchase decisions. We are always looking for ways to strike the best balance between technology, performance, cost, and cybersecurity. Vantage Cybersecurity Department also participates in designing each of our new data center building’s cybersecurity infrastructure. If you like getting your hands dirty and helping to design, build, and maintain cybersecurity infrastructure in a modern data center, then come work at Vantage. We’re expanding with many new builds, enhancing our focus on safeguarding data and infrastructure in the face of evolving cyber threats.

The ICS/OT (Industrial Control Systems/Operational Technology) Cybersecurity Engineer will be part of a team responsible for protecting a rapidly expanding global enterprise. The Cybersecurity Engineer will audit the Industrial Control System / Operational Technology (ICS/OT) environment and perform risk/vulnerability assessments leading to the development of an enterprise strategy/design plan. The Cybersecurity Engineer will lead implementation (hands-on configuration) of the cybersecurity ICS/OT systems.

Additional responsibilities include research, classification, and root cause analysis of security events that occur within the environment. The ideal candidate will have security industry knowledge that evolves with current and emerging vulnerabilities and threats, as well as an ongoing understanding of key business and technological processes.

Responsibilities

• Utilize the tools to take inventory of the environment’s hardware and software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks.

• Conducting cyber mission dependency, criticality, mission failure, and adversary cyberattack scenario analyses to inform design of OT resilient architectures.  

• Researching, developing, operationalizing, evaluating, and improving OT defensive tactics, techniques, and procedures (TTPs) for detecting and responding to cyber threats

• Researching and developing OT Cyber Resiliency solutions including developing and operationalizing OT/ICS SCADA cyber defense architectures

• Collaborating with different departments to remediate and validate remediation of the vulnerabilities or identified issues

• Partner with other departments to review network architectures and determine if security best practices are being utilized.

• Work with vendors to ensure detailed diagrams, procedures, and plans are created and maintained for each deployment.

• Maintain and create documentation as needed

• Perform assessments against best practices and industry benchmarks including participating in audits

• Developing and operationalizing cyber sensor and cyber analytics architectures to enable more efficient and effective OT cybersecurity operations, threat-hunting, and forensics analysis.

• Represent the Cybersecurity team in meetings with the client’s vendors and stakeholders.

• Maintain awareness of industry trends, threats, and tools used to support enterprise security.

• Perform other ad hoc duties to support the company’s security goals.

Job Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related focused technical training or 4 additional years of engineering experience that may have been acquired in the military or public sectors.

• 3 years of experience performing security assessments in an OT environment.

• Strong understanding of cybersecurity frameworks for ICS/OT environments

• Strong understanding of OT network communication protocols and industrial networking topologies.

• Familiarity with NIST (National Institute of Standards and Technology) Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide.

• Familiarity with NIST (National Institute of Standards and Technology) Special Publication 800-82

• Comprehensive knowledge of internet protocols, firewalls, proxies, and intrusion detection/prevention systems.

• Familiarity/Knowledge of the Perdue Enterprise Reference Architecture (PERA)

• Certifications for SANS (SysAdmin, Audit, Network and Security) GIAC (Global Information Assurance Certification) Global Industrial Cyber Security Professional (GICSP), GIAC Response and Industrial Defense (GRID), Critical Infrastructure Protection are preferable.

• Certified SCADA Security Architect (CSSA) preferable

• Understanding of MITRE ATT&CKS for ICS or NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Plan) frameworks

• Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53), and Guide to Industrial Control Systems (ICS) Security (NIST SP800-82)

• A working knowledge of industrial control systems (e.g., Distributed Control System (DCS), Programmable Logic Controller (PLCs), Supervisory Control and Data Acquisition (SCADA), etc.)

• Demonstrable understanding of project/program management techniques and methods

• Strong Microsoft Excel skills required

• Excellent written and verbal communication skills with transparent and timely communication

• Expected travel is less than 20% but may be higher during construction projects. May grow and evolve over time

• Provide 24/7 support. Ability to work a non-traditional schedule, including evenings, weekends, and holidays.

Preferred Requirements

• Security Certifications such as ISC2 Certified Information Systems Security Professional (CISSP), CompTIA Security+, CompTIA Network + or ISACA Certified Information Security Manager (CISM)

• ISA/IEC 62443 Cybersecurity Certificates preferable

• EC Council Certified Ethical Hacker (CEH), or Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA),

• Data Center experience is strongly preferred, but not required

• Experience with one or more of the following:

  • Building Management Systems (BMS)

  • Mobile

  • Architectures including Windows or Linux server software and technologies

  • HA and redundancy configurations

  • Cloud and virtualization software and services

  • Hyper scaling

We operate with No Ego and No Arrogance. We work to build each other up and support one another, appreciating each other’s strengths and respecting each other’s weaknesses. We find joy in our work and each other, actively seeking opportunities to inject fun into what we do. Our hard and efficient work is rewarded with an above market total compensation package. We offer a comprehensive suite of health and welfare, retirement, and paid leave benefits exceeding local expectations.

Throughout the year, the advantage of being part of the Vantage team is evident with an array of benefits, recognition, training and development, and the knowledge that your contribution adds value to the company and our community.

Don't meet all the requirements? Please still apply if you think you are the right person for the position. We are always keen to speak to people who connect with our mission and values.

Vantage Data Centers is an Equal Opportunity Employer

Vantage Data Centers does not accept unsolicited resumes from search firm agencies. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of Vantage Data Centers.