You are viewing a preview of this job. Log in or register to view more details about this job.

Industrial Control System Specialist - Entry to Experienced Level (Maryland)

National Security Agency (NSA)
Email

Responsibilities

The National Security Agency (NSA) currently has opportunities for highly motivated Industrial Control System (ICS) Specialists/Engineers to provide expertise in the design, construction, commissioning, and operation of new and renovated electrical and mechanical infrastructure. This position has two areas of focus, one within Design and Engineering (D&E) and the other with Operations and Maintenance (O&M). As an ICS Specialist/Engineer within D&E, you will work closely with multidisciplinary teams encompassing project managers, stakeholders, and contractors throughout the entirety of the project life-cycle, including close coordination with O&M. You will also be responsible for the development and review of designs, specifications, technical reports, and cost estimates for power monitoring and control of electrical and mechanical infrastructure, energy management monitoring, and ICS cybersecurity. As an ICS Specialist/Engineer within O&M, you will work closely with ICS Specialists who support many facets of the Industrial Control Systems in the Facilities Control Center (FCC), which is a 24/7 operations center where facilities systems can be effectively monitored and maintained. The ICS team supports power monitoring and control, energy management monitoring and control, the transport network and various Information Technology (IT) and Operational Technology (OT) hardware, components, software, and applications to ensure a robust secure operation of the overall system.

Job Summary

NSA is growing by leaps and bounds and is in need of skilled/experienced Industrial Control System (ICS) Specialists/Engineers to ensure the proper operation and cybersecurity of NSA's and Department of Defense (DoD) ICS, from concept to operation.

Qualifications

The qualifications listed are the minimum acceptable to be considered for the position. Degree must be in Systems and Controls or Control and Instrumentation, or related field (e.g., Computer Science, Electrical Engineering, Mechanical Engineering, Network Engineering, Information Technology, Cybersecurity, Computer Security). Relevant experience must be in industrial control systems, or in the operation, maintenance, design, or modification of facilities. ENTRY/DEVELOPMENTAL Entry is with a Bachelor's degree and no experience. An Associate's degree plus 2 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. FULL PERFORMANCE Entry is with a Bachelor's degree plus 3 years of relevant experience, or a Master's degree plus 1 year of relevant experience, or a Doctoral degree and no experience. An Associate's degree plus 5 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. SENIOR Entry is with a Bachelor's degree plus 6 years of relevant experience, or a Master's degree plus 4 years of relevant experience, or a Doctoral degree plus 2 years of relevant experience. An Associate's degree plus 8 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.

Competencies

Support for Industrial Control Systems require a variety of skills. The successful candidate shall have knowledge/skills in at least one of the following areas and the drive and passion to master many of these functions: - ICS Power Control - Provide support in the area of electrical power control and monitoring systems also known as Supervisory Control and Data Acquisition (SCADA) systems. The candidate should be knowledgeable about or interested in learning about electrical power systems, configuring Schweitzer protective relays, integrating power devices into Real-Time Automation Controllers (RTAC) as well as Programmable Logic Controllers (PLC) programming. Knowledge of the protocols used by these devices, including mirrored bits, Modbus, DNP3, and SNMP, is desired. - ICS Building Automation - Provide support to a variety of technical areas that include HVAC and chilled water distribution systems, coordination of utility outages that impact the ICS and to minimize disruptions to mission systems and support of the ICS installation and oversight of ICS commissioning. Knowledge or interest in learning about the field of building automation and the variety of components used by such systems is preferred. This includes devices such as Direct Digital Controls (DDC), DDC Logic, seniors, and end devices such as, but not limited to Variable Frequency Drives (VFD), dampers, actuators, and valves. - Networking Technologies - The candidate should be knowledgeable about or interested in learning about configuring and troubleshooting Cisco switches and routers. Knowledge of and experience in routing protocols, Port Security, Cisco Identity Services Engine (ISE), Domain Authentication, and VLANs is desired. Additionally, knowledge of best security practices is desired. - Firewalls - The candidate should be knowledgeable about or interested in learning about Cisco firewalls, including Firewall Management Center (FMC) for deployment and management of firewalls. - Information Technology (IT) Management - The candidate should be knowledgeable about or interested in learning about Microsoft Endpoint Configuration Manager (MECM), Microsoft Active Directory (AD), and similar tools used for managing access controls, patch deployments, configuring policies, troubleshooting application issues, and developing/deploying software images. - Network Security - The candidate should be knowledgeable about or interested in learning about multiple topics including, but not limited to, System Information and Event Management (SIEM), including creating anomalies alert dashboards; management of Antivirus (AV) and malware protection; access controls to include Identification, Authentication, Authorization, and Accountability (IAAA), as well as Multifactor Authentication (MFA); cybersecurity framework and policies; Network Discovery and asset management; Network Intrusion Prevention and Detection Systems (IPS/IDS); ICS/SCADA network protocol and vulnerability analysis; ICS/SCADA recovery & mitigation and signature development and implementation; and network penetration testing. A working knowledge of assessment and analytic tools and techniques is a plus. In addition, the candidate shall adapt work methods in response to new information, changing conditions, emergencies or unexpected challenges. Have the ability to articulate viewpoints and answers to customers, peers, and supervisors in an effective manner, both written and orally. Identify and analyze technical issues, report, document, and attend project status briefings. Knowledgeable with calendar scheduling, MS Outlook, MS Word/Excel and office equipment such as copiers, printers and scanners. The ideal candidate demonstrates the following: - Problem Solving - Interpersonal Skills - Partnering - Customer Service - Accountability - Continual Learning - Resilience - Effective Communication Knowledge and experience in one or more of the following is desired: - Reliable power distribution design (high voltage, medium voltage, low voltage) - Substation and generators plant relay protection and control systems - Codes and standards (NFPA, IEEE, etc.) - Technical modeling and simulation software packages (AutoCAD, ETAP, SKM, EasyPower, PowerWorld, etc.) - Cost estimating - Commissioning: Factory witness testing, functional performance testing, and integrated system testing - Building Automation System programming control logic - Creating and modifying Building Automation System graphics - Third party integration via BACnet/Modbus protocols - Managing and securing network infrastructure (e.g. port security, certificate management, etc.) - Applying concepts, principles, and methods for network connectivity (e.g. routing, switching, tunneling, and IP addressing) - Configuring, maintaining, and troubleshooting firewalls and access control lists. - Implementing, configuring, and sustaining computer security (e.g. Active Directory, Domain Policies, Patch Deployment, Antivirus, and Allowlisting) - Employing Secure Technical Implementation Guidance (STIG) and government security standards. - Configuring and supporting Schweitzer Real Time Automation Controllers (RTAC) - Evaluating and documenting PLC programs for electrical power control - Creating and modifying SCADA system graphics and points - Equipment: Transformers, switchgear, switchboards, panelboards, Uninterruptible Power Supply (UPS) systems, Automatic Transfer Switches (ATS), and Static Transfer Switches (STS) - Controls and metering: SCADA, power metering, and electrical control systems - Assisting project teams throughout the project life-cycle - Configuring firewall rulesets and troubleshooting issues - Computer network defense and forensic capability awareness and use - Industrial Control Systems network defense experience a plus - Red and Blue team activities - Computer network monitoring and forensic experience