Cybersecurity Engineer

GHD GHD is a global multidisciplinary professional services network offering integrated solutions across digital, engineering, environmental, design and construction. To solve complex challenges, you need to challenge the status-quo. At GHD Advisory we are invested in creating sustainable commercial outcomes with clients driving change in water, energy and urbanization. Join a team committed to solving complex challenges across the value chain, from capital deployment to asset management, enabling resilience, growth and sustainability. Together, we'll help create a future for generations to come. Who are we looking for? This Cybersecurity Engineer will be an integral part of GHD's Critical Infrastructure Cybersecurity (CIC) Group, providing OT cybersecurity design support for GHD's core engineering services in the water/wastewater, energy, transportation, and building sectors. The successful candidate will have an understanding of both "IT" and "OT" cybersecurity to translate, communicate, and implement best practices across both environments. This position requires understanding how to apply industry standard assessment methodologies, assist clients in establishing governance policies, determine and establish OT cybersecurity design requirements, and develop OT cybersecurity design documentation. The candidate should be comfortable working on the ground floor of security implementation and adept at communicating with senior management on the various aspects required to create a strong cybersecurity posture for an organization. This position is available anywhere in the West region , with the ability to work in a hybrid office/remote environment. The position requires some travel to the client during key project milestones. No VISA sponsorship is available for this role at this time. Responsibilities: Actively participate in multi-discipline engineering design groups, serving as the core project engineering team OT cybersecurity consultant to facilitate reliable, safe, and secure network and system designs considering project constraints: Risk, cost, schedule, resources, capabilities, regulations, and industry cybersecurity standards. Participate in project scope development, project fee development, and project risk reviews. Assist clients and associated engineering group leaders in identifying potential OT cybersecurity risks and threats, and equipment selection as it relates to OT cybersecurity. Provide client consulting assistance, including master planning in conformance with standards, policies, procedures, and directives relevant to the owner/client. Work with clients to develop governance policies necessary to mitigate vulnerabilities and attack vectors. Develop system design and specification documentation deliverables that address OT cybersecurity vulnerabilities, including identifying physical controls to mitigate vulnerabilities and attack vectors. Participate in project meetings and coordinate deliverables with clients, multi-discipline engineering teams, and system integrators. Maintain a working knowledge of cybersecurity standards and frameworks including ISA-62443, NIST-800, ISO 27001, and others as required. Develop and provide internal and external training/mentorship on cybersecurity topics. Provide post-project design validation reviews to confirm conformance with the established OT cybersecurity needs. Lead, manage, and review GHD cybersecurity/engineering deliverables in the project delivery of cross-sector OT cybersecurity services. What you will bring to the team: Bachelor's Degree in a technical field similar to Electrical Engineering, Automation Engineering, Computer Engineering, or Computer Science. CISSP or GICSP certification or willingness to obtain certification. Familiarity with the implementation of OT cybersecurity and the needs of enterprise business management as it pertains to OT data access. Experience and ability to correctly apply common IT systems including wireless network systems, fiber optic networks, Layer 2 and Layer 3 switches/methodologies, firewalls, and related systems. Industrial Control System (ICS) network segmentation design experience and familiarity with the Purdue Model. Knowledge of common cybersecurity threats such as Denial of Service, Ransomware, etc., and approaches to mitigate threats. Experience in ICS design, development, deployment, and evaluating virtual and cloud-based hosting environments. Familiarity with multiple SCADA equipment manufacturers and OT network communications protocols. 3+ years of experience working in various critical infrastructure markets: Transportation, Federal/DoD, Oil & Gas, Chemical, Water/Wastewater, Power Generation, etc. Strong team player with excellent communication and documentation skills. Travel (approximately 15% - 25%): North America. Salary Range: $107,180 - $160,770 based on experience. As a multicultural organization, we encourage individual achievement and recognize the strength of a diverse workforce. GHD is an equal opportunity employer. #J-18808-Ljbffr

Created: 2025-03-01