3+ years experience preferably in multiple security domains including security strategy and risk management, security assessments, framework and operating model development, GRC implementation, vulnerability assessment and penetration testing, data leakage prevention, security monitoring tools (SIEM) implementation, threat intelligence, threat hunting, security orchestration automation and response (SOAR), Industrial IoT security, and cloud security management.
5+ years of experience in Utilities industry including hands on exposure to Energy OR Utility T&D systems (SCADA, DMS, OMS, MDMS, AMR/AMI and DERMS).
Preferred experience with Industrial Control System Cybersecurity design, implementation and operations of industrial networks, Process Control Domain network infrastructures. Nice to have: Cisco or Juniper network certifications (associate or professional levels).
Comprehensive working knowledge of one or more of the following: IEC 62443/ISA 99, ISO 27001, NIST SP 800-82, CPNI Good Practice, SANS Top 20 Controls.
Knowledge & Skill Requirements:
Deep industry knowledge of the Utilities Transmission & Distribution segment and strong functional exposure to the Utilities Power Generation and Retail segments.
Deep expertise in the T&D cyber security domain with strong exposure to areas such as cyber security strategy, analysis and operating model design, penetration testing, security assessment, GRC (governance, risk and compliance) implementation, data leakage detection, security monitoring tools implementation, security analytics and threat intelligence, vulnerability management and cloud management.
Strong knowledge of European utility cyber security regulatory requirements.
Strong knowledge of SANS 20 controls framework and other security frameworks (for example, NIST-800 series, NIST IR 7628).
Comprehensive working knowledge of one or more of the following: IEC 62443/ISA 99, ISO 27001, NIST SP 800-82, CPNI Good Practice.
Experience of analyzing business impact and risk exposure as part of diagnostic programs, based on emerging security threats, vulnerabilities and risks
Support proposal work as a Subject Matter Expert providing the necessary inputs and drive / participate in client presentations.
Experience of working with various T&D systems (such as SCADA, DMS, OMS, MDMS, AMR/AMI and DERMS)
Experience in identification of value drivers, creation of business cases and transformation roadmaps for Utilities Transmission and Distribution industry with deep expertise in cyber security implementation strategy, roadmap and execution.
Assessment and gap analysis of the effectiveness of existing Utilities T&D processes, solutions, platforms, and tools against selected business and technology KPIs and strategic goals.
Strong writing skills and experience of producing high calibre reports, papers, presentations, and thought leadership.
Active role in the identification of opportunities by farming existing relationships and growing new networks.
Ability to work independently with minimal supervision and lead global distributed teams.