- Knowledge of ICS security reference architecture (Enterprise Reference Architecture model).
- Working knowledge of process control systems.
- Knowledge of industrial protocols (e.g., Modbus, Modbus TCP, DNP3, EtherNet/IP, OPC, HART).
- Knowledge of access control models, Active Directory services and user access management (Domain Controller 2003, 2008 R2).
- Knowledge of change management, baselines, equipment connections, and configuration auditing.
- Knowledge of distribution and installation of patches, software reloads and firmware management.
- Knowledge of security testing tools (e.g., packet sniffer, port scanner, vulnerability scanner).
- Knowledge of attacks and incidents (e.g., man in the middle, spoofing, social engineering, denial of service, denial of view, data manipulation, session hijacking, foreign software, unauthorized access).
- Knowledge of availability (e.g., health and safety, environmental, productivity).
- Knowledge of cryptography & VPN (e.g., encryption, digital signatures, certificate management, PKI, public versus private key, hashing, key management, resource constraints).
- Knowledge of security tenets (e.g., CIA, non-repudiation, least privilege, separation of duties).
- Knowledge of threats (e.g., nation states, general criminals, inside and outside malicious attackers, hacktivists, inside non-malicious).
- Knowledge of system backup and restoration (Symantec backup recovery tool and Veritas).
- Knowledge of communication media and external network communications.
- Knowledge of field device architecture (e.g., relays, PLC, switch, process unit).
- Knowledge of network protocols (e.g., DNS, DHCP, NTP, SNMPv3, Telnet, SSH, Syslog, SMTP, TCP/IP).
- Knowledge of network segmentation (e.g., partitioning, segregation, zones and conduits, reference architectures, network devices and services, data diodes, DMZs).
- Knowledge of wireless security (e.g., Wi-Fi, wireless sensors, wireless gateways, controllers).
- Knowledge of embedded devices (e.g., PLCs, controllers, RTUs, analyzers, meters, aggregators, security issues, default configurations).
- Knowledge of network and system security/hardening.
- Knowledge of OS security (Unix/Linux, Windows, least-privilege security, virtualization; Windows 2000, 2003, 2008, 2012, XP, 7, 10).
- Knowledge of anti-malware implementation, updating, monitoring, and sanitization; knowledge of endpoint protection, including user workstations.
- Knowledge of device testing (e.g., communication robustness, fuzzing) and of security assessment (e.g., risk, criticality, vulnerability, attack surface analysis, supply chain).
- Knowledge of risk management (e.g., risk acceptance, risk/mitigation plan).
- Knowledge of security policies and procedures development (e.g., exceptions, exemptions, requirements, standards).
- Knowledge of event, network, and security logging, including knowledge of archiving logs.
- Knowledge of event, network, and security monitoring.
- Knowledge of incident recognition and triage (e.g., log analysis/event correlation, anomalous behavior, intrusion detection, egress monitoring, IPS), knowledge of incident remediation/recovery, and knowledge of incident response (e.g., recording/reporting, forensic log analysis, containment, incident response team, root cause analysis, eradication/quarantine).
- Knowledge of physical security.
- Knowledge of disaster recovery procedures.
- Blue Coat ICSP (Industrial Control System Protection) scanner (removable media scanning tool).
- Waterfall data diode.
- 3+ years of experience.
- Bachelor's or Master's degree in Engineering.
Ashu Parihar
ashuparihar@peoplebridge.in