Job Descriptions

Other Titles Include

• OT security advisor
• OT security technician
• Security Analyst - ICS/DCS/SCADA

Note: This role is most commonly found in large or medium-sized organizations. 

Reporting relationship

To be completed by the user of this job description as appropriate

Job purpose / summary

Responsible for providing advice and ensuring effective cybersecurity within operations technology (OT) contexts (ICS/DCS/SCADA). Works in concert with systems engineers/technologists from different disciplines that are associated to the systems that are managed through OT (e.g. fluid, power, mechanical systems engineers).

Duties and responsibilities

• Collaborate with key stakeholders to establish an effective cybersecurity risk management program across the OT environment.
• Research and support design of cybersecurity solutions within OT context
• Ensure compliance with the changing laws and applicable regulations
• Draft, implement, and maintain IT/OT security policies, standards, and procedures.
• Monitor and manage cybersecurity requirements and controls across the OT environment
• Assess and analyze cybersecurity posture across OT systems and recommend remediation/risk management for vulnerabilities.
• Working with other stakeholders, support design and development of security solutions to enable business and technical requirements within the OT environment
• Manage the technical integration between IT and OT 
• Define and maintain tool sets and procedures that support monitoring and management of OT
• In concert with other stakeholders, develop cybersecurity incident response plans clearly defining the role of those engaged in management and maintenance of OT systems
• Prepare technical reports
• Develop, deliver, and oversee related cybersecurity training material and educational efforts related to OT

Competencies

Appreciating that not all OT analysts will necessarily have an IT background, the following basic application of the following KSAs are relevant:

• Telemetry systems, data communications, data acquisition and process control;
• Operating systems, networking, and communications systems concepts;
• Electrical distribution networks, power system equipment, transformer station operation and electrical theory;
• Computer and networking troubleshooting and maintenance procedures;
• Network administration principles and practices;
• System life cycle management principles, including software security and usability;
• Database management systems and applications;
• Database administration and optimization;
• System testing and evaluation methodologies and processes;
• Measures or indicators of system performance, availability, capacity, or configuration problems;
• Analysis tools and network protocols;
• Diagnostic tools and fault identification techniques

Advanced application of the following KSAs:

• OT systems software and hardware, programmable logic controllers, and digital and analog relaying;
• Threat and risk assessment to internet connected OT (including implications and assessment of IoT devices)
• Legal and compliance requirements including organizational responsibilities for workplace and public safety related to OT/ production
• Industry standards and best practices, especially related to industrial environments in the cybersecurity space
• Cybersecurity program management, measures and monitoring Control systems – applicable to industry/production environments
• IT/OT integration and convergence
• Process safety and hazard analysis
• Systems analysis and integration
• Problem-solving in complex systems environments
• Technical communications including report writing to address cross- disciplinary technical issues

Tools and Technology

• Strategic and business plans
• Threat and risk assessments
• OT Vulnerability management processes and vulnerability assessments
• Incident management processes and procedures
• Security event and incident management systems and/or incident reporting systems and networks that may be used for OT cybersecurity incidents,
• Cybersecurity risk management processes & policies
• Privacy and security legislation
• Organizational security infrastructure and reporting systems
• OT security tools, techniques and procedures

Direct reports (if appropriate)

To be completed by the user of this job description as appropriate

Qualifications

Education. Bachelor’s degree in computer science, computer engineering or related discipline or equivalent training and experience. 

Specialized training associated with OT cybersecurity as well as system specific tools and techniques required.

Certifications.

To be completed by the user of this job description as appropriate

Other relevant qualifications. Following technical education, often employed in IT or OT systems activities which provide the foundation for more specialized cybersecurity work in the OT environment. Similarly, cybersecurity professionals that normally work in an IT environment, may cross over to OT systems with the benefit of specialized training and education in OT and systems integration.

Key Attributes.

To be completed by the user of this job description as appropriate

Experience. Preferred experience for entry level role requires moderate experience 2-3 years working in the OT environment.

Working conditions (if required)

If the job requires a person to work in special working conditions this should be stated in the job description. Special working conditions cover a range of circumstances from regular evening and weekend work, shift work, working outdoors, working with challenging clients, and so forth.

Physical requirements (if appropriate)

If the job is physically demanding, this should be stated in the job description. A physically demanding job is one where the incumbent is required to stand for extended periods of time, lift heavy objects on a regular basis, do repetitive tasks with few breaks, and so forth.