Cyber Security Engineer/NERC CIP Consultant

Job Number:
Job Category:
Cyber Security
Day Job
Potential for Teleworking:
Clearance Level Must Currently Possess:
Clearance Level Must Be Able to Obtain:
The Cyber Security Engineer/NERC CIP Consultant will execute assignments in our Compliance & Critical Infrastructure Protection Group in the area of cyber security, Control/SCADA system security, NERC CIP compliance, preparation of documentation in support of audits, conducting cyber security and vulnerability assessments, network design, and contributing to the development of NERC CIP and NIST compliant programs at client sites across U.S and Canada. Candidate will work collaboratively with other groups and divisions. Ideal candidate must be detail oriented with good analytical and risk assessment skills and strong listening, written and computer communication skills for reporting and auditing purposes.
  • Perform detailed technical analysis of Industrial Control Systems (ICS) and cyber security controls.
  • Identify cyber security gaps and recommend mitigations to address gaps
  • Conduct critical electric infrastructure vulnerability assessments for both compliance and security purposes.
  • Perform detailed, post event analysis of cyber  events, and direct needed Incident response procedures
  • Maintain knowledge of the cyber security capabilities of operating systems, networking devices, control systems, and vendor offerings.
  • Maintain a broad knowledge of current and emerging state-of-the-art computer/network systems technologies, architectures, and products.
  • Maintain a working knowledge of applicable cyber security standards involving electric power systems, including those relating to process networks.
  • Work methodically and analytically in a quantitative problem-solving environment.
  • Resolve technical issues considering business impact, and be able to communicate issue resolutions  to IT and OT organizations
  • Execute the planning, design, development and implementation of technical controls, procedures and policy associated with compliance to NERC CIP regulatory requirements and NIST cyber security guidance
  • Develop policies & procedures, secure process control network design, technical and design recommendations for the implementation of firewalls and other network security and compliance controls.
  • Create conceptual designs and specifications for SCADA/EMS/DCS systems, including integrating these systems with various substation automation schemes.

  • Bachelor’s degree required, in Computer Engineering, Electric Engineering, or a related technical field with appropriate experience.
  • Minimum of 7 years’ experience in related systems.
  • Understanding of security principles and good knowledge of cyber security technologies, backed up with suitable credentials or certifications.
  • Experience with cyber security vulnerability assessments, penetration tests, and the tools/techniques involved in both.
  • Experience in the capabilities and/or configuration of cyber security controls, specifically those relating to firewalls, , intrusion detection systems, access control, authentication, anti-virus/anti-malware, patching and hotfix, logging.
  • General knowledge of control systems in use in the Electric Power sector, specifically those in Generation, Substation and Control Centers.
  • Strong effective written and oral communication skills.
  • Strong analytical and critical thinking skills.
  • Ability to operate under pressure and under tight deadlines, to operate in on-site industrial (Electric Power) work, and occasional night and weekend work.
  • Demonstrated capability to make sound decisions based on good security practices and principles.
  • Demonstrated understanding of business principles and operational security practices specific to engineering and/or security consulting.
  • Experience with corporate policies and procedures and/or technical writing skills.
  • Experience with network routing, switching, and TCP/IP.
  • Experience with physical cabling for network communications and control system I/O.


Leidos Overview:
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an Equal Opportunity Employer.
Other Locations: