FM Research Cybersecurity Graduate Co-op - MITRE ATT&CK for ICS

Overview

FM is a leading property insurer of the world's largest businesses, providing more than one-third of FORTUNE 1000-size companies with engineering-based risk management and property insurance solutions. FM helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles.

We are seeking a highly motivated and detail-oriented co-op student to join our cybersecurity team. The successful candidate will contribute to the continuous development of cyber mitigation strategies for Operational Technology (OT) environments, leveraging the MITRE ATT&CK for ICS matrix. This position offers hands-on experience in designing attack experiments, evaluating mitigation techniques, and supporting the development of testbeds for validating security measures. The co-op student will also be involved in producing technical documentation and utilizing threat intelligence to enhance our cybersecurity posture.

Responsibilities

• Testbed Support
  • Assist in the development and maintenance of testbeds for validating cyber mitigation strategies.
  • Interest in configuring and troubleshoot hardware and software components within the testbed environment, including industrial devices (PLC, HMI, DCS, RTU, etc.) and industrial software (e.g. OPC UA/DA, PI, historians, user repositories, firewall management including inspection, etc.).
• MITRE ATT&CK for ICS Expertise
  • Leverage MITRE ATT&CK for ICS matrix to understand adversarial tactics, techniques, and procedures in industrial control systems.
  • Research and propose mitigation strategies to address specific threats identified within the MITRE ATT&CK for ICS framework.
• Run Experiments
  • Design and document attack experiments to simulate real-world cyber threats against OT environments.
  • Focus on attack strategies that are shifting from immediate exploitation to establishing persistent footholds within OT environments.
  • Incorporate techniques such as exploiting supply chains and "living off the land".
• Analysis of Run Experiments
  • Evaluate the effectiveness of proposed IT and OT mitigation strategies in preventing or mitigating the impact of simulated attacks.
  • Analyze the results of experiments and provide recommendations for improving mitigation techniques.
• Technical Documentation
  • Produce clear and concise slipsheets, technical reports, and presentations summarizing research findings and experimental results.
  • Document IT and OT attack methodologies, mitigation strategies, and testbed configurations.
• Threat Intelligence and Research
  • Leverage threat intelligence feeds and research capabilities to stay informed about emerging cyber threats and vulnerabilities.
  • Analyze threat intelligence data to identify relevant threats to our OT environment and propose proactive security measures.
  • Use platforms and frameworks to improve and automate threat research.

Qualifications

• Currently enrolled in a Master's degree program in Cybersecurity, Computer Science, Engineering, or a related field.
• Familiarity with industrial control systems (ICS) and operational technology (OT) concepts.
• Understanding of cyber-attack methodologies and mitigation techniques.
• Knowledge of the MITRE ATT&CK framework, particularly the ICS matrix.
• Interest in designing and conducting experiments or simulations.
• Analytical and problem-solving skills.
• Fluency in English, written and verbal communication skills.
• Ability to work independently and as part of a team.

Preferred Skills

• Experience with penetration testing or ethical hacking.
• Knowledge of network security principles and technologies.
• Familiarity with scripting languages such as Python or PowerShell.
• Experience with virtualization technologies such as VMware or VirtualBox.
• Understanding of threat intelligence concepts and tools.

This co-op position offers a valuable opportunity to gain practical experience in the field of OT cybersecurity and contribute to the development of innovative mitigation strategies.

This is an in-office role based in Norwood, MA.  Temporary relocation support provided for selected qualified candidate.

FM is an Equal Opportunity Employer and is committed to attracting, developing, and retaining a diverse workforce. 

#LI-TA1