About the Organization
Schneider Electric SE is a French multinational company that specializes in digital automation and energy management. It addresses homes, buildings, data centers, infrastructure and industries, by combining energy technologies, real-time automation, software, and services.
Payroll: Vision India Service Pvt Ltd
Role & Responsbility :
• In depth understanding of operating systems, network/system architecture, and IT (Information Technologies) or/and OT (Operation Technologies) architecture design
• Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable
• Experience with security technologies such as firewall, IDS/IPS, endpoint security solutions, proxies, and other related security technologies
• Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework
• Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projects
• Travel to the client’s site as required
• Collaborate with Engineering teams to implement new OT Cybersecurity technologies
• Experience working in security operations environments, experience with key security operations technologies such as SIEM and log aggregation (e.g., ArcSight, Splunk ES, IBM QRadar etc.)
• Experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS)
• Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, etc.)
• Responsible for the security attribute of quality for the solution
• Responsible to meet security requirement, known threats have been mitigates, known vulnerabilities, security level is maintained
• Understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, OPC).
• Recommend necessary corrective and preventive actions to reduce the risk
• Know how to run Nessus and vulnerability scanners and provide the outcome.
• Know how to use the CVSS scoring tool for security bugs and provide the outcome.
• Track all Cybersecurity issues to closure
Addon/Optional Skills/qualifications
• Security certifications (e.g. IEC 62443, 270001, GICSP, GRID, GCIP, Security+, GCIA, GCIH, OSCP, CEH, etc.)
• Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources
• Experience with cyber, security engineering, security operations, computer network operations, information operations, information warfare, or topical cyber
• Experience with Incident Response (IR), Cyber Threat Intelligence (CTI) and Threat Defense Operation (TDO) functions
• Serves as the escalation point for security issues related to OT Cybersecurity.
• Assists in the development and knowledge transfer to team members, as well as other enterprise groups
• Understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, OPC) and ability to perform packet analysis
• Understanding of threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques
• Experience with OT Cybersecurity Solution (eg. Dragos, Claroty, Nozomi, Indegy, etc.)
• Experience with Digital Forensics
• Facilitate external penetration testing and contribute to the Certification
• Participate in the Threat Modeling Process and document tests for the requirements that will be produced from this exercise
Preferable Attributes:
• Strong personality
• Critical as well as Creative thinker
• Self-Motivated • Collaborative, Committed, Accountable team player
• Self-Learner