Consultant Industrial Cybersecurity (34053)
Myticas Consulting, Glen Allen, VA, United States
Industrial Cybersecurity Consultant
STSI is seeking a detail-oriented Cyber Security Consultant with investigative skills to conduct security audits, remediate issues, and implement change plans across IT and OT environments. Candidates should have experience assessing security and PLC controls, maintaining up-to-date knowledge of guidance from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and familiarity with Allen Bradley PLC and Modbus PLC protocols.
Type:
Full-time Contract – W2 ONLY (U.S. Citizen only)
Compensation:
$50.00 – $60.00 per hour
# of Positions:
3–5
Location:
Richmond, VA and Glen Allen, VA
Travel:
80%–100% – only local Virginia candidates willing to drive to various sites
Expense:
Miles, hotel (when required), and food reimbursed
Schedule:
Daylight, Monday through Friday
Reports to:
Director of Network & Endpoint Security, Project Manager & Delivery Lead
Position Summary The Cybersecurity Consultant will independently execute significant portions of projects addressing Information Technology (IT) and Industrial Control System security. Responsibilities include network penetration testing, web application testing, vulnerability assessments, secure system design, integration, and development of cybersecurity programs at client sites across the U.S. and Canada. Projects will utilize the NIST Cybersecurity Framework, NIST Risk Management Framework, and other industry or data‑specific compliance frameworks.
Responsibilities
Maintain the highest level of integrity, protecting the confidentiality and security of all client and project information.
Identify and diagnose operational issues and implement design alterations to address them.
Conduct network penetration tests and vulnerability assessments of IT and OT networks for compliance and security purposes.
Perform detailed post‑event analysis of unusual events and direct necessary procedure or process changes.
Pursue, obtain, and maintain industry‑recognized IT certifications related to cybersecurity (e.g., ethical hacking, network engineering, industrial control system, SCADA, risk management).
Resolve technical issues, analyze implications to the client's business, and communicate findings to stakeholders.
Develop policies and procedures for secure process control network design, and recommend technical and design controls for firewalls and other network security measures.
Compile technical documentation of network traffic and firewall services, including explanations and diagrams.
Collaborate with other groups and divisions within the company.
Perform other duties as assigned.
Comply with all policies and standards.
Required Experience
Bachelor’s degree in Cybersecurity, Computer Science, Computer Engineering, Electrical Engineering, or a related technical field and minimum 3 years of related experience.
Advanced knowledge of security principles and cybersecurity technologies, including industry‑recognized certifications.
Experience with cybersecurity vulnerability assessments and penetration tests.
Experience with configuration and capabilities of cybersecurity controls (firewalls, access control, authentication, anti‑virus/anti‑malware, patching, logging).
Advanced knowledge of control systems used in utilities, manufacturing, oil and gas, transportation, smart buildings, and cities.
Strong written and oral communication skills.
Strong analytical and critical thinking skills.
Ability to work under pressure and tight deadlines, in on‑site industrial, corporate, and government settings.
Demonstrated capability to make sound decisions based on solid security practices and principles.
Understanding of business principles and operational security practices specific to engineering and/or security consulting.
Knowledge of corporate policies and procedures.
Strong technical writing skills and experience with modern and legacy computer networking and telecommunications.
Experience with physical cabling for network communications and control system I/O.
Ability to obtain and maintain access to current and future client sites.
Equal Opportunity Statement We are an Equal Opportunity Employer and do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other legally protected status. All qualified applicants will receive consideration for employment without regard to any of these characteristics.
#J-18808-Ljbffr
Type:
Full-time Contract – W2 ONLY (U.S. Citizen only)
Compensation:
$50.00 – $60.00 per hour
# of Positions:
3–5
Location:
Richmond, VA and Glen Allen, VA
Travel:
80%–100% – only local Virginia candidates willing to drive to various sites
Expense:
Miles, hotel (when required), and food reimbursed
Schedule:
Daylight, Monday through Friday
Reports to:
Director of Network & Endpoint Security, Project Manager & Delivery Lead
Position Summary The Cybersecurity Consultant will independently execute significant portions of projects addressing Information Technology (IT) and Industrial Control System security. Responsibilities include network penetration testing, web application testing, vulnerability assessments, secure system design, integration, and development of cybersecurity programs at client sites across the U.S. and Canada. Projects will utilize the NIST Cybersecurity Framework, NIST Risk Management Framework, and other industry or data‑specific compliance frameworks.
Responsibilities
Maintain the highest level of integrity, protecting the confidentiality and security of all client and project information.
Identify and diagnose operational issues and implement design alterations to address them.
Conduct network penetration tests and vulnerability assessments of IT and OT networks for compliance and security purposes.
Perform detailed post‑event analysis of unusual events and direct necessary procedure or process changes.
Pursue, obtain, and maintain industry‑recognized IT certifications related to cybersecurity (e.g., ethical hacking, network engineering, industrial control system, SCADA, risk management).
Resolve technical issues, analyze implications to the client's business, and communicate findings to stakeholders.
Develop policies and procedures for secure process control network design, and recommend technical and design controls for firewalls and other network security measures.
Compile technical documentation of network traffic and firewall services, including explanations and diagrams.
Collaborate with other groups and divisions within the company.
Perform other duties as assigned.
Comply with all policies and standards.
Required Experience
Bachelor’s degree in Cybersecurity, Computer Science, Computer Engineering, Electrical Engineering, or a related technical field and minimum 3 years of related experience.
Advanced knowledge of security principles and cybersecurity technologies, including industry‑recognized certifications.
Experience with cybersecurity vulnerability assessments and penetration tests.
Experience with configuration and capabilities of cybersecurity controls (firewalls, access control, authentication, anti‑virus/anti‑malware, patching, logging).
Advanced knowledge of control systems used in utilities, manufacturing, oil and gas, transportation, smart buildings, and cities.
Strong written and oral communication skills.
Strong analytical and critical thinking skills.
Ability to work under pressure and tight deadlines, in on‑site industrial, corporate, and government settings.
Demonstrated capability to make sound decisions based on solid security practices and principles.
Understanding of business principles and operational security practices specific to engineering and/or security consulting.
Knowledge of corporate policies and procedures.
Strong technical writing skills and experience with modern and legacy computer networking and telecommunications.
Experience with physical cabling for network communications and control system I/O.
Ability to obtain and maintain access to current and future client sites.
Equal Opportunity Statement We are an Equal Opportunity Employer and do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other legally protected status. All qualified applicants will receive consideration for employment without regard to any of these characteristics.
#J-18808-Ljbffr