Senior SCADA Network Administrator

City of Irvine | Irvine, CA

Applying to this job will open a new window on the employer's web site to apply there.

Posted Date 7/10/2019
Description
 

Salary: $7,605 - $10,530 / Monthly

General Description:
The Irvine Ranch Water District is accepting applications for a Senior SCADA Network Administrator. The successful candidate will be responsible for the design, installation, configuration, optimization, administration, maintenance, cybersecurity protection and continuous 24/7 operation of the IRWD Industrial Control System / Supervisory Control and Data Acquisition (ICS/SCADA) system.

Summary of Duties:

Network, Server and SCADA Application: 

  • Design and oversee ICS/SCADA network and server infrastructure

     

  • Evaluate and simulate the effects of patches, firmware, drivers, operating systems, and software updates in a SCADA sandbox environment.

     

  • Plan, schedule, install, configure, integrate, troubleshoot, patch, update, and maintain ICS/SCADA hardware and software to improve, secure and support continuous 24/7 operation of the ICS/SCADA infrastructure with minimum to zero downtime production environment.

     

  • Collaborate with consultants, vendors and staff members to resolve network, server and SCADA application issues.

     

  • Provide advanced technical expertise and hands-on support to the Automation team and internal customer as required.

     

  • Segment network utilizing Purdue model, principles of least privilege and need-to-know basis and other best practice.

     

  • Install and configure point-to-point VPN, IPS, IDS, Firewalls and other applications to secure ICS/SCADA communication.

     

  • Develop and maintain documentation, including but not limited to ICS/SCADA architecture drawings, installation, configuration, and troubleshooting procedures.

     


ICS/SCADA Cybersecurity:

 

  • Lead Automation team in collaboration efforts with other cybersecurity experts, consultants and internal staff to develop well-constructed approaches to ICS/SCADA risk management, mitigation, and monitoring strategies.

     

  • Responsible to create, maintain, assess, audit and comply with applicable laws, regulatory and security policies, standards and best practice hardening guidelines of the ICS/ SCADA infrastructure utilizing

     

  • NIST Framework for Improving Critical Infrastructure Cybersecurity

     

    • NIST 800-82 - Guide to Industrial Control Systems (ICS) Security

       

    • NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

       

    • AWWA G430-14 - American Water Works Association Security Practices for Operation and Management

       

    • Other relevant framework or standards

       

     

  • Utilize Kali Linux, Metasploit, Wireshark, Nessus and other tools to penetrate ICS/SCADA system to discover vulnerability and deficiency.

     

  • Educate internal staff about the risk and the steps required to close the security gap and to report cyber threats and attacks.

     

  • Develops, reviews, and implements improvements to the Backup and Disaster Recovery Plans and periodically simulate a disaster event to ensure the ICS/SCADA is able to recover from a disaster.

     

  • Maintain a performance management program with relevant key performance indicators (KPIs) and tracking mechanisms.

     

  • Review automation software and hardware histories and determine repair, system upgrades, and replacement needs

     

  • Develop, and execute policies including but not limited to network reliability, SCADA cybersecurity, backup and disaster recovery.

     

  • Stay abreast with current developments and regulation changes in the automation controls, information systems technologies, cybersecurity and water utility industries in order to provide updates and recommendation to management staff.

     

  • Maintain regular contact with Operations, Maintenance, Engineering and other departments or consultants to provide as needed support and participate in cross-department projects as directed.

     

  • After hours' accessibility will be required as needed to meet District needs.

     

  • Perform other related duties as assigned.

     

  • Comply with District work-related safety practices and attend relevant safety training.

     


QUALIFICATIONS:
A combination of education and experience equivalent to a Bachelor's degree in Computer Science, Engineering or related field and at least five (5) years of experience in Operational Technology (ICS/SCADA) or Information Technology environment required.

Experience with the following software, hardware and protocols required:

 

  • Microsoft Windows Server and Desktop operating system

     

  • Microsoft Active Directory and Group Policy

     

  • Powershell Scripting

     

  • VMWare Hypervisor, vCenter and Microsoft Hyper-V

     

  • Veeam

     

  • Industrial communication protocols, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Host

     

  • Intrusion Prevent System (HIPS), Layer 7 Application Control, SNORT and Wireshark

     

  • Kali Linux or other similar distribution

     

  • Nessus, OpenVAS, Metasploit or other vulnerability management software

     

  • Radio communications equipment, Network Switches, Virtual Private Network (VPN), Routers and Firewalls

     

  • Security Information and Event Management (SIEM), Syslog and Simple Network Management Protocol (SNMP) and Trap

     


Experience with the following software and hardware is highly desired:

 

  • Wonderware Intouch, Application Server or other SCADA software

     

  • Schneider Modicon PLC

     

  • Microsoft SQL and Power BI

     

  • Schneider/Wonderware System Platform, Historian, InTouch and Maple Systems

     

  • Schneider Unity Pro

     

  • Python Scripting

     


License / Certifications Required:

 

  • Depending on assignment, a valid Class 'C' California Driver's License may be required.

     


Must obtain 1 or more of the following certifications within 9 months of hire date:

 

  • Cisco CCNP (Cisco Certified Network Professional)

     

  • Cisco CCNA (Cisco Certified Network Associate)

     

  • Microsoft MSCE (Microsoft System Certified Engineer)

     


Must obtain 1 or more of the following certifications within 9 months of hire date:

 

  • CompTIA Security+

     

  • Certified Penetration Tester (CPT)

     

  • Certified Expert Penetration Tester (CEPT)

     

  • Certified Ethical Hacker (CEH)

     

  • GIAC Industrial Cyber Security Professional (GICSP)

     

  • GIAC Critical Infrastructure Protection (GCIP)

     

  • GIAC Response and Industrial Defense (GRID)

     

  • Cisco CCNA Security (Cisco Certified Network Associate Security)

     

  • Certified Information Systems Security Professional (CISSP)

     

 
 

IF YOU ARE INTERESTED IN APPLYING FOR THIS JOB OPPORTUNITY, PLEASE VISIT https://www.governmentjobs.com/careers/irwd AND SUBMIT AN ONLINE JOB APPLICATION BEFORE THE CLOSING DEADLINE ON JULY 15, 2019. 

 

Job Category
Local Government
Career Level
Senior

Share this job