IIT Inc. Home

IIT Jobs Data Bank-Job Detail

Submit Resume For This Job (via email)
Follow us on LinkedIn or Twitter or Facebook
Follow us on Facebook Follow us on LinkedIn
ID Location Skills $$ Job Type Status
11852 Downtown Manhattan, NY 10004 IT Security Analyst: ICS-SCADA, Incident Response (IR) planning, DOE Contract OPEN
If you are unable to click on links above to submit resume, you may email your resume to

Subject=IIT Career Site/Resume for JobID=11852 (IT Security Analyst: ICS-SCADA, Incident Response (IR) planning,) in Downtown Manhattan NY 10004 (AMI)

Estimated Length: 12 Months Work hours:37.50 Est. OT Hrs/Wk:10.00


This job is primarily responsible for developing Incident Response (IR) plan documentation related to Cyber Security Operation Center (CSOC), Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA).

This position at the Client is a highly skilled, demanding position with up-to-date, expert security knowledge of ICS-SCADA systems. These systems including but are not limited to the following:

3. Network & Security infrastructure, Communication and internet security systems, Firewalls, Intrusion Protection Systems, Remote Access VPN, Proxy, Wireless Security, NAC, Enterprise ID Management systems, Database, computer systems, security event analysis and forensic investigation.

1. Controlling Power, Train Signaling, Communications, Ventilation, Water Pumping, Physical Security, Building Management, HVAC, and Traffic Management systems.
2. Supervisory computers, Remote terminal units, Programmable logic controllers, Communication infrastructure, and Human-machine interfacesThis Candidate must have industry standard security information on current trends, and evolving security of vendor products utilized in ICS-SCADA technology, experience with developing IR plans, procedures, and playbooks. Specific transportation industry related knowledge and experience is a plus.

OT Incident Response Preparedness
This position will interface with various Client -IT (Information Technology) and Agency operational technology (OT) departments to organize and conduct workshops with key managers, team members, stakeholders, and technical leaders within the organization to layout step by step process for incident response plan as it relates to cyber security and ICS/SCADA OT systems. These workshops will review existing Client -IT and OT incident response plans, technologies deployed and log sources in place to detect, analyze, and respond to various types of breaches.

The candidate will Provide procedures and recommendations on necessary steps to keep these documents up to date:
1. Identify and document all critical assets in OT environment
2. Layout dependencies of various systems and components in OT and IT environments.
3. Identify and document critical data sources for logging and monitoring various use cases.
4. Setup meetings with various IT and OT departments to identify and document interdependencies and key stakeholders.
5. Document step by step incident response plan from OT and IT prospective.
6. Metrics for measuring response and restoration capability and capacity of OT systems
7. Assess backup and restoration capabilities for OT systems and provide recommendations for improvement
8. Assess patching and vulnerability remediation capabilities for OT systems and provide recommendations for improvement
9. Where applicable, determine scope and capabilities of vendors/third parties when not managed in-house.
10. Document IR plan roles, contact and gaps of all third party vendors supporting ICS/SCADA systems.
11. Proper containment, remediation and recovery procedures for OT technology (software and hardware) deployment.

OT Incident Response Plan and Playbook Development
The candidate will work to develop custom deliverables specific to the Client OT environment. The Client's existing IT IR Plan could be leveraged to develop a specific OT IR Plan, with Playbooks and proper OT containment, remediation and recovery procedures. Playbooks to be developed will include but are not limited to the following US-CERT Categories:
1. Playbook 1: CAT 1 – Unauthorized Access / Accounts compromised
2. Playbook 2: CAT 2 –DOS
3. Playbook 3: CAT 3 – Ransomware
4. Playbook 4: CAT 4 – Improper Usage (USB Infections, Policy Violations, Equipment Theft or Loss)
5. Playbook 5: CAT 5 – Scans / Probes / Attempted Access / CVE Exploits / SQL Injections / Protocol Abuse
As part of IR Plan and playbook development, the candidate will identify existing processes and controls associated with investigation and remediation of OT security incidents and adapt and customize the playbook(s) to be in-line with technology, staffing and skillset level as well as industry best practices. The candidate will also develop the process for maintaining the incident playbook(s).
The following desired knowledge, skills, and abilities are required for this position.
Excellent organizational, decision making and communications skills. Excellent knowledge of cyber security and ICS-SCADA operations with a solid understanding of the technology used within the transportation industry. Good to excellent attention to detail. Excellent creative problem-solving abilities coupled with a desire to take on responsibility. Strong team player and people skills with the ability to engage and motivate fellow staff members to drive results. Ability to handle multiple tasks in a fast-paced environment and prioritize highly varied work in order to maintain required productivity levels. Ability to communicate technical info and ideas so others will understand. Ability to make appropriate decisions considering the relative costs and benefits of potential actions. Ability to apply varying team player traits that create solutions and results to unexpected situations. Ability to assist and motivate less experienced team members to achieve our goals.

Additional Skills and Information:

Technical writing skills, development of incident response plans for ICS-SCADA environments


Submit Resume For This Job (via email)
Don't See a Position Matching Your Skills?
Click here to Email / Register your resume and be notified of future job openings.
About IIT:

Founded in 1995, IIT is a leading provider of Workforce Solutions to Government and Fortune-1000 organizations. IIT is a winner of Inc-500 award. IIT's core services include:

  • Consulting for projects / IT Outsourcing
  • IT staffing (Contract / Temporary / Contingent / Consulting)
  • Custom Workforce Solutions
  • Recruitment Process Outsourcing (RPO)
  • Headquartered in New York, IIT has over 400 consultants deployed at Client Sites. Other IIT highlights include

  • Winner of Inc-500 award 2 consecutive years
  • Winner of Ernst & Young / USPAACC Fast-50 award 2 consecutive years
  • Winner of USPAACC Top-10 Award in the Northeast US
  • IBM Business Partner
  • Oracle Business Partner
  • Adobe Business Partner
  • NYSA Member - New York Staffing Association - Regional Affiliate of ASA / American Staffing Association
  • NYS MBE certified
  • Our Consultants love working for IIT

  • Competitive compensation
  • W2 or C2C
  • Biweekly Direct Deposit for W2 Consultants
  • Visa and Green Card sponsorship opportunities for qualified individuals
  • Local contact for you to meet and talk to anytime (not someone sitting overseas in a different time zone)
  • Follow us on LinkedIn or Twitter or Facebook

    IIT is an Equal Opportunity Employer