1356 - Consultant (Cybersecurity)

 

At Black & Veatch, our employee-owners go beyond the project. For over a century, we have been breaking down social, economic and geographic barriers by making life's critical resources accessible to all. Working with us, you will help provide critical expertise as we, along with our valued clients, deliver solutions that positively impact communities around the world. Our professionals are our greatest asset, and we believe nothing is more important than the health, happiness and professional growth of our employee-owners. With a focus on flexible work-life balance options, an expanding and diverse workforce, and limitless career growth opportunities, we will give you our best to help you give us your best, and together we can build a world of difference. 

 

Req Id : 106129 

Opportunity Type : Staff 

Relocation eligible : No 

Full time/Part time : Full-Time  

Contract Hire Only for this Project : No 

Visa Sponsorship Available: [[custVisaSponsorship]] 

Job Summary

The Industrial Cybersecurity Analyst contributes to technical consulting projects and implementation services for critical infrastructure clients. The Industrial Cybersecurity Analyst leverages their technical and industry knowledge of OT networks and industrial cybersecurity to contribute to the completion of multiple engagement phases. In this role, you will assess/support clients’ security posture, develop recommendations to enhance their programs and technologies, and implement recommendations outlined in master plans. This role blends technical capabilities with analysis and technical support. The role requires a wide range of duties, including onsite/online assessments, compliance and standards reviews, security architecture analyses, plan development, and technology implementation and integration. The role also supporting our Industrial Cyber Security Lead in analysis, risk management workshops, as well as the ability to write a customer maturity analysis. The Industrial Cybersecurity Analyst demonstrates capabilities with minimal level of oversight from more senior level professionals. The scope and size of projects they contribute to are generally medium to large in size or they may own a small to moderate portion of a larger project.

Key Responsibilities

Technical Consulting and Implementation Capabilities:

Assess people, process, and technical dimensions of client cybersecurity posture

Develops and write master plans that combine analyses, reviews, and recommendations of client industrial cyber programs, technologies, and networks

Assist workshops, data collection, tabletop exercises and client interviews

Assist asset and vulnerability scanning of customer networks, including the installation of scanning and monitoring technologies

Assist walk-downs of client sites to assess cyber and physical security postures

Applies industrial cybersecurity standards and regulatory requirements (e.g., NERC CIP, NIST, IE62443) to customer programs

Assist technical (e.g., segmentation, hardening, technology integration) and programmatic (e.g., policies, response plans) implementation of master plans and recommendations

Contributes to quality review on own engagements

Develop applicable knowledge bases by using best practices to redefine tools and techniques. Outline specific performance measures, targets, and goals to articulate the business case for realized efficiencies or added value

Challenge client’s current strategy and direction through persuasive discussions. Define competitive advantage and achievable value to the client through use of the strategic change components and metrics.

Formulate issue-based hypotheses and develop analytical plan for testing.

Contribute to analysis of impact of strategic changes by defining linkages and interdependencies.

Utilize specialized knowledge to produce complex work products and solutions across all phases of an engagement

Anticipate and resolve technical problems with minimal technical assistance from others

Develop, present, and defend conclusions, recommendations, and implementation plans Identify technical issues impacting an engagement and proposes solutions

Analyze and apply best practices knowledge of the industry

Contribute to the development of service packages as part of the team’s service offerings

#LI-JC1

 

 

 

Management Responsibilities

Individual Contributor

Preferred Qualifications

Bachelor's Degree or relevant work experience

Has managed/supported significant engagements

Experience applying common OT standards and regulations (e.g., NIST, IE6433, CMMC, NERC CIP)

5+ years in a technical/consulting environment

All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.

Knowledge of business continuity planning and disaster recovery

Knowledge of anti-virus and anti-spam technologies

Knowledge of technology asset management Knowledge of technology hardware and software platforms and systems

Skill in analytical and technical documentation Skill in verbal and written communication

Skill in articulating complex, technical information to both technical and non-technical audiences

Skill in analyzing significant volumes of detailed information and understanding the security implications

Skill in understanding complex systems across diverse technical platforms

Intermediate skill level in Microsoft office and software update tools Intermediate skill level in secure content, network security and web filtering software Intermediate skill level in security vulnerability scanning tools

Ability to balance and manage competing high priority work demands

Ability to build relationships and foster teamwork

Ability to work in a team environment

Ability to conduct sensitive security investigations and maintain confidentiality

Preferred Qualifications

Experience at customer sites Proven experience with OT penetration testing and/or red teaming

Experience with OT Security-by-design and/or new OT in construction

Proven ability to install monitoring technologies (e.g., Nozomi, Dragos, Tenable, Claroty)

Experience scoping technical projects

Proven ability to assess security architectures of OT networks Direct experience in planning and facilitating risk workshops, table-top exercises, and other client-facing work sessions

Experience conducting maturity and technical assessments Proven team leadership and management experience Graduate degree preferred Certifications Other relevant cybersecurity certifications (e.g., Nozomi, Fortinet, Dragos, Tenable) – preferred CompTIA Security+ SANS Certificate in relevant to OT Cyber Security such as GICSP, GICP, ACS, GSEC, GRID, GCIH, CEH, CISM CISSP ISA/IEC 62443 suite of certifications

Work Environment/Physical Demands BandV Office Environment or Client Site Work involves frequent finger/hand manipulation in using a keyboard and mouse.

Work may involve stairs, walking, long moments of standing.

Minimum Qualifications

Bachelor’s Degree or relevant work experience. 4+ years experience in a business/consulting environment.  All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.

Certifications

Certifications related to area of expertise, where applicable preferred.

Work Environment/Physical Demands

Normal office environment

Competencies

Action orientedInterpersonal savvyCustomer focus

Salary Plan

CST: Consulting

Job Grade

003

Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.

 

Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy. We offer professionals an array of health and welfare benefits that vary based on their geographic region and employment status. This may include health, life accident and disability insurances, paid time off, financial programs and more. Professionals may also be eligible for a performance-based bonus program.

 

By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.