| Company | Amyx, Inc. |
|---|---|
| Location | Remote |
| Preferred GIAC Certifications | GICSP, GRID, GCIP |
| Travel | 15% |
| Salary | $130,000 - $160,000 |
| URL | https://careers-amyx.icims.com/jobs/4091/sr.-ot-cybersecurity-engineer/job |
| Contact Name | Dan Fluharty |
| Contact Email | dfluharty/at/amyx.com |
| Expires | 2024-10-18 |
Job Description
Amyx is seeking to hire a Senior Operational Technology Cybersecurity Engineer to support our Defense Logistics Agency (DLA) Cybersecurity Vulnerability Management & Risk Assessment (CVMRA) contract. This is a funded opportunity for immediate hire.
The candidate must live within 100 miles or 2 hours from Tracy, CA; Battle Creek, MI; Columbus, OH; Wright-Patterson AFB, OH; New Cumberland, PA; Fort Belvoir, VA; Richmond, VA; Pearl Harbor, HI; Philadelphia, PA; Red River, TX; or Norfolk, VA. Other locations may be considered on a case-by-case basis.
The ideal candidate will be a self-driven subject matter expert who:
• has a strong background in cybersecurity engineering and/or assessing secure solutions for federal government agencies—preferably DoD;
- has experience assessing/securing OT/ICS systems and is comfortable communicating using the Purdue framework;
- performs well as a virtual worker
• has a working knowledge of key cybersecurity issuances (e.g., NIST SP 800 series, DoDI 8500 series)
• has a high degree of proficiency in conducting risk assessments IAW NIST SP 800-30 and/or the DoDIN Risk Assessment Methodology
• stays current with cybersecurity developments and continually grows in self-defined areas of expertise;
• is an excellent communicator and problem solver;
• understands the importance of problem/scope definition and expectation management;
• dependably delivers high-quality results on time; and
• values attention-to-detail and customer satisfaction.
Responsibilities
The Sr. OT Cybersecurity Engineer role centers on conducting risk assessments and documenting results in accordance with established requirements. This position is primarily OT/ICS-focused, with some IT tasking also. For the most part, work is performed remotely--exceptions are CONUS/OCONUS onsite assessments and limited SIPRnet-related tasking. The candidate must be prepared to travel as needed for the onsite assessments (up to 15%).
Assessment tasks include:
- individual software product evaluations
- targeted risk assessments addressing system vulnerabilities in accordance with NIST SP 800-30
- system risk assessments
- operational risk assessments
Additionally, the engineer may be tasked to:
- provide system cybersecurity engineering support (e.g., requirements analysis, design/analysis of alternatives, etc.)
• serve as cybersecurity representative on assigned working groups
• develop expertise in designated area(s)—as the team’s SME in a given topic, facilitate team learning/growth, assist in related tasks, etc.
• review proposed cybersecurity policies and provide an assessment of the impact to DLA architecture;
• develop and document guides for implementing cybersecurity solutions;
• prepare weekly status reports;
• conduct peer reviews in accordance with established guidelines;
• complete specified Amyx and DoD/DLA training modules;
• other duties as assigned.
• Tools: eMASS, NVD/CVE, Snyk.io, STIG viewer, Forescout eyeInspect, Wireshark
Required qualifications
Minimum Experience:
- Ten (10) years of relevant IT experience
- Five (5) Years of relevant OT experience
DoD Secret Clearance or above
At least one DoD IAT Level III certification: CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH, or CCSP
Plus at least one DoD IASAE Level III certification: CISSP-ISSAP, CISSP-ISSEP, or CCSP*
*Candidates lacking an IASAE III certification may be hired on a probationary basis, with the understanding that the certification must be obtained within 6 months of coming on the contract to remain in the position.
At least one of the following: CISA ICS 300 or ICS 401 training certificate of completion; or GIAC GICSP, GRID, GICSP; also acceptable: Microsoft Certified Solutions Associate or Expert, Cisco Certified Network Administrator, Microsoft Azure Security Technologies, Amazon Certified Security
Desired qualifications:
• Degree in CS, CIS, engineering, math, etc.
• Proficient with MS Office (Word, PowerPoint, Excel)
• SharePoint use experience
Benefits include:
Medical, Dental, and Vision Plans (PPO & HSA options available)
Flexible Spending Accounts (Health Care & Dependent Care FSA)
Health Savings Account (HSA)
401(k) with matching contributions
Roth
Qualified Transportation Expense with matching contributions
Short Term Disability
Long Term Disability
Life and Accidental Death & Dismemberment
Basic & Voluntary Life Insurance
Wellness Program
PTO
11 Holidays
Professional Development Reimbursement
