ICS - Principal Field Service Engineer

Warrendale, US

Westinghouse Electric Company

Westinghouse Electric Company is the world's leading supplier of safe, innovative nuclear technology and is shaping the future of carbon-free energy solutions.

View all jobs at Westinghouse Electric Company

Apply now Apply later

Your Role and Responsibilities:

  • Secure Operations Management: Enforce company policies and practices to ensure that all products and systems are compliant with cybersecurity standards. This is a hands-on role that actively participates in security operations. 

  • Security Risk Assessment: Provide input for security risk assessments and compliance audits, identifying potential information and network security vulnerabilities. 

  • Operational Incident Handling: Manage the detection, response, mitigation, and reporting of incidents within the environment. This role is responsible for hands-on incident resolution and actively participating in the incident response process. 

  • Vulnerability Management: Participate in the IT vulnerability management program by classifying vulnerabilities, providing remediation guidance, and working with the team to prioritize and address vulnerabilities. 

  • Compliance and Policy Enforcement: Ensure compliance with relevant cybersecurity compliance regulations. Execute company policies to maintain compliance. 

  • Documentation: Document standard operating procedures and guidelines. Develop, maintain, and publish standards to mitigate risk and influence user behaviors. Assist in reviewing and documenting exceptions to security standards. 

  • Security Technology Evaluation: Investigate and recommend security technologies and solutions to support secure development functions. 

  • Technical Guidance: Provide technical guidance and consultation related to information security issues. This is a hands-on role that actively contributes to the resolution of security challenges. 

  • Process Performance: Actively participate in security processes and procedures, ensuring their effectiveness and efficiency. 

  • Weekly Meetings: Be an active member of secure development meetings, providing updates, insights, and participating in the decision-making process. 

  • Travel up to 85%, typically when deploying systems to the field for installation and commissioning 

  • Maintain in-depth knowledge of Westinghouse deployed solutions for cyber security and distributed control and information systems. 

  • Professional interaction with WEC Customers. 

  

  

Required Technical and Professional Expertise:

  

  • Bachelor's degree in a relevant field or associate’s degree and equivalent experience, coupled with high proficiency operating in Enterprise OT Security. 

  • Proven experience in cybersecurity operations, risk assessment, and incident management, along with demonstrated supervisory experience. 

  • Strong knowledge of cybersecurity best practices, compliance regulations, and industry standards. 

  • Hands-on experience with security tools and technologies. 

  • Excellent communication and teamwork skills. 

  • Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus. 

  • Minimum 5+ Years of installation and troubleshooting experience in Operational Technology / Information Technology with 5* Years experience leading a large-scale cyber security program. typically, 10+ 

  • Ability to be granted 10 CFR 73.56 Trustworthy and Reliability Clearance for US Nuclear Plant Entry 

  • Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing area of expertise from qualified and reputable vendors and certification agencies. 

  • Experience with interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical controls, ISO 27001 & 27002, NEI-08-09, NEI 13-10 into Cybersecurity Program, Policy & Procedures. 

  • Excellent team leadership, technical teamwork, written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. 

  • Strong risk analysis, risk management and proven experience in reducing risk to the organization. 

  

Preferred Technical and Professional Expertise:

  

  • Familiarity with modern enterprise security practices both on-premises and Cloud. 

  • Demonstrated internal team collaboration and external vendor management. 

  • Demonstrated experience with VMWare and ESXi. 

  • Familiarity with Rapid7 Vulnerability Management tools. 

  • Familiarity with current and legacy Windows and Linux operating systems. 

  • Demonstrated experience with Security Audit Assessments 

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Audits CISM CISSP Clearance Cloud Compliance CompTIA GIAC GPEN GSLC ICS Incident response ISO 27001 Linux Network security NIST NIST 800-53 Nuclear OSCP Risk analysis Risk assessment Risk management Vendor management VMware Vulnerabilities Vulnerability management Windows

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.