Consultant, Lead at American Bureau of Shipping (ABS) in Spring, Texas

Posted in Other 8 days ago.





Job Description:

The Lead Consultant, SOC Analyst's primary mission is to improve and grow ABS Group's Industrial Security Operations Center's monitoring and incident response capabilities. This role leads the incident detection, analysis, and response operations as well as reporting to clients and end users.

This position is responsible for ensuring Service Level Agreements (SLA) are met when responding to digital security incidents, providing forensics and threat hunting support, and managing security analysis and OEM communications. The Lead Consultant will also help define and optimize the analytical and dashboard tools to correlate and distribute information to clients and partners.

The Lead Consultant works with a team that performs real-time event and incident management processes, as well as OT security incident evaluation and response, following the event management guidelines and policies of the ISOC. This position requires 3-5 years of cybersecurity incident response experience and OT experience related to critical infrastructure. The candidate should have experience with IT/OT security (i.e., monitoring Supervisory Control and Data Acquisition (SCADA) or Distributed Control Systems (DCS)) and customer service skills. In addition to delivery, execution, and improvement of the ISOC capabilities, the Lead Consultant might be tasked with development and testing of various security practices and controls to meet customer or regulatory cyber security requirements.

The candidate is expected to continuously self-improve as a subject matter expert by participating in educational opportunities, reading professional literature, attending conferences, etc.


What You Will Do:

  • Understand modern attack techniques on applications, systems, and networks
  • Support efforts to respond to digital security incidents through the initial triage phase and provide support to business and IT/OT clients as they work to close identified gaps
  • Build and maintain close working relationship with the ISOC partners, cyber threat intelligence team, technology partners and others to bring together a holistic view of incidents
  • Provide network intrusion detection expertise to support timely and effective decision making on when to declare and escalate an incident
  • Provide incident response support, including evidence preservation and forensics
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, EDR, Antivirus, etc.) to determine the correct remediation recommendations and escalation paths for each incident
  • Analyze network flow data for anomalies and detect malicious network activity
  • Provide information regarding intrusion events, security incidents, and other threat indications
  • Provide technical analysis and guidance on control systems security trends and industry benchmarking
  • Conduct vulnerability assessments of complex, hybrid IT/OT environments
  • Prepare and conduct technical presentations
  • Identify and enhance the capabilities of the team by developing opportunities for automation
  • Develop and test solutions in the ABSG Cyber Lab to enhance our service and product offerings

What You Will Need:


Education and Experience
  • 3-5 years in security operations centers with IT cyber security, preferably OT/ICS cyber security implementation, and OT/ICS compliance experience
  • Bachelor's degree in Engineering, Computer Science, Cybersecurity, or demonstrated equivalent work-related experience
  • Hands on SOC Threat Monitoring and Cyber Incident Response Team experience, required
  • Proficiency-level professional certification: Splunk Core Certified Advanced Power User, Splunk Certified Developer, Splunk SOAR Certified Automation Developer, GIAC Certified Incident Handler, required
  • Demonstrated knowledge of NIST Special Publication 800-82, ISO 27001, ISA/IEC 62443 or NIST 800-53, required
  • Offensive Security Defense Analyst (OSDA) Certification, preferred
  • Prior experience writing technical reports in English, preferred
  • Experience developing and delivering training, preferred

Knowledge, Skills, and Abilities
  • Have demonstrated experience in computer and network systems, including IT/OT security, cyber-related regulations, MITRE security practices and/or NIST standards
  • Have demonstrated CIRT, CERT, Threat Monitoring, or SOC level 2 experience
  • Have sound understanding of network, system, and application intrusion techniques on IT/OT infrastructure
  • Have a good understanding of log formats from OS, Databases, Firewalls, Applications
  • Have knowledge in Microsoft Sentinel, ArcSight, Splunk and other security tool environments
  • Advanced Linux and Windows network knowledge
  • Advanced knowledge of common OT protocols, i.e. Modbus, DNP3, OPC
  • Ability to analyze OT Network traffic in Wireshark
  • Able to interpret vulnerability assessments into actionable items for the client
  • Able to demonstrate proficiency in MITRE ATT&CK Framework or LM Cyber Kill Chain® framework
  • Possess excellent presentation skills, including presentation development, numeracy and analysis skills, and advanced skills in Microsoft Word, Excel, PowerPoint, Visio, and Outlook
  • Possess excellent English oral and written communication skills, and strong interpersonal and collaboration skills
  • Work productively with little supervision with demanding due dates
  • Working knowledge of the ABS Health, Safety, Quality and Environmental Management Systems

Reporting Relationships:


Reports directly to the SOC Lead and will have no direct reports.


Salary Range: $80,000-95,000



ABOUT US



We set out more than 160 years ago to promote the security of life and property at sea and preserve the natural environment. Today, we remain true to our mission and continue to support organizations facing a rapidly evolving seascape of challenging regulations and new technologies. Through it all, we are anchored by a vision and mission that help our clients find clarity in uncertain times.


ABS is a global leader in marine and offshore classification and other innovative safety, quality, and environmental services. We're at the forefront of supporting the global energy transition at sea, the application of remote and autonomous marine systems, cutting-edge technical solutions, and many more exciting advancements. Our commitment to safety, reliability, and efficiency is ever-present, guiding our clients to safer and more efficient operations.


About Our Benefits


ABS Group proudly offers a variety of industry-leading benefits designed to enhance the life and well-being of our employees and their families. These benefits include, but are not limited to, medical insurance (PPO and HD), dental and vision insurance, Health Savings account (HSA), Flexible Savings Account (FSA), life insurance, accidental death and dismemberment insurance, disability leave programs, parental leave program, paid holidays, and paid vacation time. The Company provides an Employee Assistance Plan (EAP) that offers additional support in personal wellness, including work-life services. ABS Group also offers a 401K plan with a generous company match, subject to plan requirements.


Equal Opportunity


The ABS Group of Companies is committed to the equal employment opportunity of its employees and prohibits discrimination against any employee or qualified applicant based on race, color, creed, religion, national origin, sex, gender identity, age, disability, marital status, sexual orientation, citizenship status or veteran status, or other non-work-related characteristics that may be protected under the law of the Federal Government or specific state employment laws.



Notice



ABS and Affiliated Companies (ABS) will not pay a fee to any third-party agency without a valid ABS Master Service Agreement (MSA) authorized and signed by Human Resources. Any resume, CV, application, or other forms of candidate submission provided to any employee of ABS without a valid MSA on file will be considered property of ABS, and no fee will be paid.


Other



This job description is not intended, and should not be construed, to be an all-inclusive list of responsibilities, skills, efforts or working conditions associated with the job of the incumbent. It is intended to be an accurate reflection of the principal job elements essential for making a fair decision regarding the pay structure of the job.