The Senior ICS Security Engineer will ensure the security of the organization's information assets, designs, configuration baselines, and systems through a structured, proactive approach that balances risk with business requirements. You will plan, engineer, configure, implement, and troubleshoot security and Industrial Control Systems (ICS) infrastructure vital to maintaining an array of secure global data centers and ICS infrastructure.
You will provide domain expertise for a variety of technology projects with an emphasis on ICS security in partnering with internal and external business partners as necessary to provide security assurance against cyber-attacks, to include inappropriate and/or unauthorized disclosure of Company and/or Customer information; and other cyber activities that could negatively impact Equinix and its customers.
You will also implement new technologies, policies, and procedures for efficient business network operations and provide operational support for security and OT/IT infrastructure. Your capabilities to identify security vulnerabilities and mitigate opportunities within the security and OT/IT infrastructure would be critical. Demonstrate an aptitude for maintaining strong security market awareness as well as to recommend, implement, and handlground breaking technologies.
- Identify changes needed in data center infrastructure design and configurations vital to achieving the technology organization goals.
- Actively participate in data center infrastructure strategy reviews and design sessions by performing applicable network, system, application, database, and security analysis.
- Analyzes network & IT/OT system response and determines tuning recommendations to improve performance, adhere to capacity management expectations, and provide performance management reporting.
- Lead effective issue identification and resolution processes; Serve as a senior escalation point for all data center network and IT/OT security operations issues with a degree of quality that results in absolute root-cause determination and drive vendor partners to provide quality assurances by requiring immediate bug fixes, software updates, etc.
- Perform advanced tier 3 support, to include but not limited to: troubleshooting, off-hour maintenance activities, problem resolution, and on-call rotation while ensuring all activities will adhere to the services change management policy.
- Perform capacity planning of all systems and environments; ensure that upgrades are completed on a standardized basis.
- Build and maintain documentation as it relates to IT/OT systems, design, configuration, support and processes.
- Create and maintain playbooks and remediation plans ensuring that these are tested and updated regularly.
- Conduct high-level and low-level designs for data center and network infrastructure security projects and lead data center infrastructure changes.
- Interact with partner organizations/departments to design network or system solutions for our data center infrastructure
- Design and develop solutions and ICS requirements based on business unit needs; make recommendations on investments in network hardware and services.
- Evaluate new technologies and recommend future strategies to Management.
- Interact with business partners to develop a strategy to implement ICS security.
- Experience in architecture and design of global ICS security data center solutions.
- Follow industry standards, regulatory requirements, and the potential impacts to policies/controls, standards, and procedures and assist in audit situations, regional compliance, and steering committees.
- A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.
- Have at least 5 complete years of relevant working experience with implementation / deployment / securing ICS/OT/IT systems.
- Solid experience in the field of cybersecurity in industrial control systems, operational technology, and information technology.
- Focus on detecting, supervising and controlling physical equipment and processes using:
- Sensors, Actuators, Controllers,
- PLC (Programmable Logic Controllers),
- PCD (Process Control Dynamics),
- BAS (Building Automation System)
- Experience and knowledge of traditional security controls and technologies, such as:
- Security Information and Event Management (SIEM) systems
- Intrusion Detection/Prevention systems (IDS/IPS)
- Public Key Infrastructure (PKI), Identity and Access Management (IDAM) systems
- Antivirus software and Firewalls
- Privilege/vulnerability and threat management
- Operational Support Systems
- In addition to newer offerings such as:
- Endpoint Detection and Response (EDR)
- Information Protection
- Cloud Security (AWS/Azure)
- Threat Intelligence Platforms
- Security Automation and Orchestration
- Deception technologies and application controls
- Well-rounded knowledge of system and network security techniques and standards, NIST CSF, 800-53, 800-82.
- Demonstrates understanding of project management processes, including the planning of action items and resources, including RFI/RFP.
- Able to communicate developed technology solutions, expresses the importance of effective implementation and develops implementation plans.
- Certifications in Information Security and IT disciplines such as MCSE, RHCE, CISSP, CEH, Network +, etc.
- Experience with system communications protocols (TCP/IP, UDP IP, HTTP, FTP, SFTP, USB, MODBUS TCP, PROFIBUS, BACNET, RS 232/485, XMPP).
- Experience in Python, Bash, PowerShell is preferred and C, C++, Visual C, Java, Java Script, SQL, a nice to have.
- Creative, independent with good problem-solving skills.
- Strong analytical, interpersonal, communication and writing skills.
- Willingness to travel on overseas assignment as the need arises.
Equinix is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disability.