Cyber Security Analyst

Job Title: Cyber Security Analyst
Location: Apollo Beach, FL 33572
Employment Type: Full-Time
 
Overview

• The Cyber Security Analyst progression path (Analyst, Senior Analyst, Lead Analyst) provides structured advancement in securing Industrial Control Systems (ICS), Distributed Control Systems (DCS), and SCADA environments.
• Analysts are responsible for maintaining security across operational technology (OT) systems, ensuring compliance with regulatory and internal standards, and safeguarding critical infrastructure.
• This role supports cybersecurity for plant systems such as Emerson Ovation, GE Mark VIe/60, ABB, and Allen Bradley, which form the backbone of the power station’s control and automation environment.
• Responsibilities include vulnerability management, patching, database accuracy, documentation, and continuous improvement of OT cybersecurity standards.

 
Level 1 – Cyber Security Analyst
Position Concept:
Supports cybersecurity maintenance in the OT environment by monitoring, patching, updating systems, and ensuring accurate documentation. Works closely with plant maintenance and IT/OT teams to implement security measures and maintain compliance.
Key Responsibilities:

• Identify and update cyber assets across OT systems (ICS, DCS, SCADA).
• Check updates, install security patches, and apply antivirus packages on plant control and support systems (including laptops and HMIs).
• Maintain and update the OT cyber asset database to ensure accuracy.
• Collect and baseline OT system configurations; update SharePoint documentation for stakeholder visibility.
• Monitor CVE releases for relevance to OT assets.
• Provide IT support for OT systems (network appliances, remote connectivity, HMI software/hardware).

Required Knowledge/Skills/Abilities:

• Basic knowledge of ICS/DCS/SCADA systems and industrial automation platforms (Emerson Ovation, GE Mark VIe/60, ABB, Allen Bradley).
• Foundational understanding of OS and network security (Windows, Linux/Unix, Mac OS).
• Familiarity with security tools (Firewalls, IDS/IPS, Antivirus, SIEM, DLP).
• Basic knowledge of forensic investigation (logs, systems, networks).
• Strong documentation and communication skills.

Preferred Skills:

• Experience applying patches and package updates in OT environments.
• Supporting compliance audits and updating OT cybersecurity standards.
• Hands-on troubleshooting of plant network communications.

 
Position Concept:
Takes responsibility for assessing OT vulnerabilities, confirming secure configurations, and coordinating remediation efforts. Works with plant teams to evaluate network architecture, improve asset visibility, and ensure standards compliance. Provides mentorship to junior analysts.
Key Responsibilities:

• Evaluate plant network architecture and external connections to ensure segmentation between OT and IT environments.
• Develop cybersecurity maintenance procedures based on vendor manuals, industry standards, and regulatory requirements.
• Monitor vulnerabilities and develop remediation plans for OT cyber assets.
• Mentor Level 1 Analysts and provide planning guidance.
• Support vulnerability management activities, including vendor updates and tool/asset deployment across platforms such as Emerson, GE, ABB, and Allen Bradley.

Required Knowledge/Skills/Abilities:

• Advanced knowledge of OT cybersecurity practices, ICS/DCS/SCADA systems, and networked control environments.
• Hands-on experience with security systems (Firewalls, IDS/IPS, SIEM, Endpoint Security).
• Proficiency in forensic investigation and vulnerability assessments.
• Experience with scripting (Python, Bash, PowerShell).
• Familiarity with penetration testing tools and OT risk assessments.
• Strong knowledge of compliance requirements (NERC CIP, SOX, PCI).

 
Position Concept:
Leads the OT cybersecurity program, ensuring alignment with regulatory and industry standards. Oversees documentation, policy enforcement, and the integration of new security controls. Acts as the subject matter expert for ICS cybersecurity, regulatory audits, and IT/OT collaboration.
Key Responsibilities:

• Translate industry standards (NERC CIP, NIST CSF, NIST 800-53) into operational policies and procedures.
• Review and update OT cybersecurity standards, frameworks, and maintenance schedules.
• Lead vulnerability management and vendor patching programs for plant systems (Emerson, GE, ABB, Allen Bradley).
• Coordinate responses to regulatory and audit requests.
• Oversee asset criticality evaluations and compliance reviews.
• Train OT staff, promote cybersecurity awareness, and facilitate IT/OT integration.

Required Knowledge/Skills/Abilities:

• Expertise in developing and managing OT cybersecurity programs for ICS, DCS, and SCADA environments.
• Advanced expertise with control system vendor platforms (Emerson Ovation, GE Mark VIe/60, ABB, Allen Bradley).
• Deep knowledge of forensic investigations, malware analysis, and packet analysis.
• Strong scripting skills (Python, Bash, PowerShell).
• Expert understanding of compliance frameworks (NERC CIP, SOX, PCI).
• Leadership skills with ability to mentor, train, and manage cross-functional initiatives.

Preferred Skills:

• Expertise in reverse engineering malware targeting OT environments.
• Proven experience developing and enforcing enterprise-level OT cybersecurity controls.

 
Education

• Required (All Levels): High School Diploma or equivalent.
• Preferred: Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or related field.

 
Certifications

• Required (All Levels): At least one information security certification (Cisco, (ISC)², GIAC, ISA, ISACA, CompTIA, EC-Council) or ability to obtain within one year of hire.
• Preferred: Multiple certifications such as CISSP, CISM, CISA, CEH, CCNP, OSCP, or GIAC specializations.

 
Experience

• Level 1: 5+ years in cybersecurity, OT/IT systems, industrial automation, or related technical field.
  • Substitution: 2 years with Associate’s Degree, 1 year with Bachelor’s Degree.
• Level 2: 6+ years in cybersecurity or OT environments.
  • Substitution: 4 years with Associate’s Degree, 3 years with Bachelor’s Degree.
• Level 3: 8+ years in OT cybersecurity or ICS/DCS/SCADA environments.
  • Substitution: 4 years with Associate’s Degree, 2 years with Bachelor’s Degree.