Job Details

About this Position:

Job Title: Senior Cybersecurity Analyst

Responsibilities:

Technical Leadership and Standards Alignment

• Lead the interpretation and application of OT cybersecurity standards including NIST SP 800-82, IEC 62443, and CISA guidance.
• Ensure assessment methods and findings align with industry best practices and regulatory expectations.
• Validate that all recommendations are traceable to identified risks and control gaps.

Network Architecture and Trust Boundary Analysis

• Analyze SCADA network topology, segmentation, and trust zones.
• Evaluate OT–IT integration points, remote access mechanisms, and vendor connectivity.
• Identify exposure points, lateral movement paths, and architectural weaknesses.

Cybersecurity Gap Analysis and Risk Prioritization

• Lead cybersecurity gap analysis against applicable standards.
• Evaluate risks based on operational impact, exploitability, safety implications, and system dependencies.
• Establish risk prioritization logic that supports actionable decision-making.

Security Upgrade and Compensating Control Design

• Define prioritized security upgrade recommendations.
• Develop compensating controls for legacy or end-of-life systems.
• Assess feasibility, operational impact, and implementation considerations.

Target-State Architecture and Roadmap Development

• Design target-state SCADA security architecture.
• Define phased implementation roadmap with sequencing, dependencies, and resilience considerations.
• Support budgetary and resource planning inputs for roadmap execution.

Technical Validation and Review

• Perform senior technical review of asset inventories, diagrams, assessments, and draft deliverables.
• Validate consistency, accuracy, and completeness of technical documentation.
• Support City technical reviews and respond to advanced technical inquiries.

Level of Participation

• Primary Role: Technical leadership, validation, cybersecurity analysis, architecture design, and roadmap development.
• Supportive Role: Oversight of execution activities performed by the Cybersecurity Analyst.

Required Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Engineering, or related field (or equivalent practical experience).
• 5–8+ years of experience in cybersecurity, with significant hands-on exposure to OT/SCADA/ICS environments.
• Experience supporting or assessing critical infrastructure systems (water, wastewater, electric, energy, or industrial operations).
• Strong understanding of industrial cybersecurity standards, frameworks, and best practices.

Preferred Certifications & Training:

• GICSP, GCED, GRID, Security+, CEH, or equivalent.
• OT/ICS-specific cybersecurity training.
• Vendor-neutral or vendor-specific SCADA security certifications.

Core Technical Skills & Keywords:

• SCADA, ICS, OT cybersecurity.
• Industrial control system risk assessment.
• Asset inventory and lifecycle management.
• Industrial network segmentation and OT-DMZ.
• PLC, RTU, HMI security.
• Industrial protocol analysis.
• Cyber-physical risk management.
• Vulnerability management in OT environments.
• Safety-critical system protection.

"No phone calls please."