• Advanced Engineer-Cyber Security

    Location US-MA-Norwood
    Job ID
    # Positions
    Work Location
    Works from an office location
    Employee Type
    Engineering - Engineering
  • Overview

    FM Global is a leading property insurer of the world's largest businesses, providing more than one-third of FORTUNE 1000-size companies with engineering-based risk management and property insurance solutions. FM Global helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles.


    The successful candidate will serve as an industrial control cybersecurity subject matter expert in support of FM Approvals' Certification Program for components that make up Industrial Control Systems.

    The person in this position will be responsible for planning, conducting and directing testing and assessment of industrial control system components submitted for FM Approval as "cyber hardened components" and compliant with industry accepted security standards for ICSs. He or she will work in FM Global’s Engineering and Research facility in Norwood, MA, with occasional travel to the state of the art facility in West Glocester, RI, USA.

    Duties will include, but are not limited to, the development of proposals, preparation of test plans, supervision of tests, project management, documentation of results, preparation of written reports, participation on cybersecurity technical committees and other complex tasks associated with third party certification.

    The working environment includes both the office and laboratory. Overnight travel, to consult with customers, attend technical conferences and to conduct and monitor tests at test facilities, is typically less than 20%.


    • A minimum of 3 years’ experience in information security
    • BS in engineering plus 7 years of experience working with industrial control systems desirable.
    • MS in engineering plus 4 years of experience working with industrial control systems helpful.
    • Detailed knowledge of system security vulnerabilities and remediation techniques.
    • Detailed knowledge of recognized industrial control cybersecurity risk frameworks (i.e. NIST SP 800-82).
    • -Detailed knowledge of recognized standards associated with the cybersecurity of industrial control systems (i.e. ISA/IEC 62443) and how to apply them.
    • The successful candidate should have demonstrated project management skills, superior written and verbal communication skills, and computer proficiency with programs such as Word, Excel and Outlook. 
    • Candidate must have the ability to read, write and speak English proficiently and the ability to understand and follow English instructions. 
    • Knowledge of SCADA Systems preferred.
    • CISSP certification a plus.
    • Candidate must possess outstanding relationship management skills including: 

    Exceptional customer service skills

    Excellent communication skills (both orally and in writing)

    Active listening skills to understand the points being made when someone else is speaking and giving full attention to the speaker

                Effective speaking skills to convey direction, information and technical concepts

                Ability to work effectively as a strong and supportive member of a team

                Demonstrated skill in organizing work, setting priorities and planning