1. Home
  2. Infra / Networks / Telecom
  3. Forensic, ICS Security Professional
Expires soon
Kpmg

Forensic, ICS Security Professional

  • Singapore
  • Infra / Networks / Telecom
Apply Now

Job description

We invite highly motivated and dynamic professionals with relevant experience to join our Risk Consulting - Forensic team.

Candidate shall have proven experience protecting or implementing industrial control systems (ICS) in critical infrastructure and key resource sectors such as Energy, Water, Oil & Gas, Maritime, Aviation, Healthcare, Transportation and Telecommunications.

The ideal candidate shall possess an understanding of ICS fundamentals including but not limited to:
• distributed control system (DCS) and supervisory control & data acquisition (SCADA) architecture and the role of common system components;
• understanding of ICS design considerations with emphasis on human safety and the availability/security of operating environment;
• knowledge of IT and OT security best practices and understanding of the differences;
• understanding of protocols common in ICS environments;
• preparation, review, and maintenance of documents, policies, and standards governing the security operations for ICS equipment and networks;
• familiar with ICS related international and national regulatory standards

The ICS security professional will work closely with KPMG cyber security subject matter experts to design, implement and support the security of ICS networked systems for KPMG's clients. This role must be familiar with security technologies such as firewall logs, IDS, endpoint security solutions, access control systems, and other related security technologies within ICS environment. The ICS Security Professional is required to support incident response and handling in an ICS environment, including investigating computer and network intrusions; remediation support; performing comprehensive computer surveillance/monitoring, identifying vulnerabilities; developing secure network designs and protection strategies, and audits of information security infrastructure.

The successful candidate will:

• Participate in clients engagements involving (1) ICS Governance, Risk and Maturity Assessments, (2) ICS Policy and Strategy, (3) ICS Security Assessment, Penetration Testing and Red Teaming, and (4) ICS Incident Response and Threat Hunting.
• Support client in maintenance and administration efforts of internal ICS infrastructure (Level 0-2) utilizing strong understanding of ICS environments
• Participate in ICS security incident response through all phases
• Consult on ICS security matters as needed
• Act as a liaison between operations and corporate IT security teams
• Design, implement and manage innovative solutions for complex security and ICS infrastructure environments

The ideal candidate should possess the following:

• 6 - 8 years of relevant experience in ICS cyber security or applicable IT security role with a track record of successful accomplishments and a willingness to learn uniqueness of ICS cyber physical systems
• GICSP, GRID, GCIH, or other relevant industry certifications preferred
• In depth understanding of operating systems, network/system architecture, and IT architecture design
• Experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS)
• Understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET) and ability to perform packet analysis
• Understanding of threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques
• Excellent verbal and written communication skills
• Effective interpersonal skills
• Demonstrated ability to lead, motivate, and participate as a team player
• Creative problem solver

Make every future a success.
  • Job directory
  • Business directory
    •