ICS - Principal Field Service Engineer
Warrendale, US
Westinghouse Electric Company
Westinghouse Electric Company is the world's leading supplier of safe, innovative nuclear technology and is shaping the future of carbon-free energy solutions.Your Role and Responsibilities:
-
Secure Operations Management: Enforce company policies and practices to ensure that all products and systems are compliant with cybersecurity standards. This is a hands-on role that actively participates in security operations.
-
Security Risk Assessment: Provide input for security risk assessments and compliance audits, identifying potential information and network security vulnerabilities.
-
Operational Incident Handling: Manage the detection, response, mitigation, and reporting of incidents within the environment. This role is responsible for hands-on incident resolution and actively participating in the incident response process.
-
Vulnerability Management: Participate in the IT vulnerability management program by classifying vulnerabilities, providing remediation guidance, and working with the team to prioritize and address vulnerabilities.
-
Compliance and Policy Enforcement: Ensure compliance with relevant cybersecurity compliance regulations. Execute company policies to maintain compliance.
-
Documentation: Document standard operating procedures and guidelines. Develop, maintain, and publish standards to mitigate risk and influence user behaviors. Assist in reviewing and documenting exceptions to security standards.
-
Security Technology Evaluation: Investigate and recommend security technologies and solutions to support secure development functions.
-
Technical Guidance: Provide technical guidance and consultation related to information security issues. This is a hands-on role that actively contributes to the resolution of security challenges.
-
Process Performance: Actively participate in security processes and procedures, ensuring their effectiveness and efficiency.
-
Weekly Meetings: Be an active member of secure development meetings, providing updates, insights, and participating in the decision-making process.
-
Travel up to 85%, typically when deploying systems to the field for installation and commissioning
-
Maintain in-depth knowledge of Westinghouse deployed solutions for cyber security and distributed control and information systems.
-
Professional interaction with WEC Customers.
Required Technical and Professional Expertise:
-
Bachelor's degree in a relevant field or associate’s degree and equivalent experience, coupled with high proficiency operating in Enterprise OT Security.
-
Proven experience in cybersecurity operations, risk assessment, and incident management, along with demonstrated supervisory experience.
-
Strong knowledge of cybersecurity best practices, compliance regulations, and industry standards.
-
Hands-on experience with security tools and technologies.
-
Excellent communication and teamwork skills.
-
Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
-
Minimum 5+ Years of installation and troubleshooting experience in Operational Technology / Information Technology with 5* Years experience leading a large-scale cyber security program. typically, 10+
-
Ability to be granted 10 CFR 73.56 Trustworthy and Reliability Clearance for US Nuclear Plant Entry
-
Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing area of expertise from qualified and reputable vendors and certification agencies.
-
Experience with interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical controls, ISO 27001 & 27002, NEI-08-09, NEI 13-10 into Cybersecurity Program, Policy & Procedures.
-
Excellent team leadership, technical teamwork, written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
-
Strong risk analysis, risk management and proven experience in reducing risk to the organization.
Preferred Technical and Professional Expertise:
-
Familiarity with modern enterprise security practices both on-premises and Cloud.
-
Demonstrated internal team collaboration and external vendor management.
-
Demonstrated experience with VMWare and ESXi.
-
Familiarity with Rapid7 Vulnerability Management tools.
-
Familiarity with current and legacy Windows and Linux operating systems.
-
Demonstrated experience with Security Audit Assessments
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISM CISSP Clearance Cloud Compliance CompTIA GIAC GPEN GSLC ICS Incident response ISO 27001 Linux Network security NIST NIST 800-53 Nuclear OSCP Risk analysis Risk assessment Risk management Vendor management VMware Vulnerabilities Vulnerability management Windows
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.