• Advanced Engineer- Cyber Security - FM Approvals

    Location US-MA-Norwood
    Job ID
    2018-7438
    # Positions
    1
    Work Location
    Works from an office location
    Employee Type
    Regular
    Category
    Engineering - Engineering
  • Overview

    FM Approvals is an international leader in third-party testing and certification services. We test property loss prevention products and services—for use in commercial and industrial facilities—to verify they meet rigorous loss prevention standards of quality, technical integrity and performance. How? By employing a worldwide certification process that’s backed by scientific research and testing, and over a century of experience.

     

    The FM APPROVED mark is recognized and respected worldwide. Our certification instills confidence and commands respect in your marketplace.

    Responsibilities

    The successful candidate will serve as an industrial control cybersecurity subject matter expert in support of FM Approvals' Certification Program for components that make up Industrial Control Systems.

    The person in this position will be responsible for planning, conducting and directing testing and assessment of industrial control system components submitted for FM Approval as "cyber hardened components" and compliant with industry accepted security standards for ICSs. He or she will work in FM Global’s Engineering and Research facility in Norwood, MA, with occasional travel to the state of the art facility in West Glocester, RI, USA.

    Duties will include, but are not limited to, the development of proposals, preparation of test plans, supervision of tests, project management, documentation of results, preparation of written reports, participation on cybersecurity technical committees and other complex tasks associated with third party certification.

    The working environment includes both the office and laboratory. Overnight travel, to consult with customers, attend technical conferences and to conduct and monitor tests at test facilities, is typically less than 20%.

    Qualifications

    • A minimum of 3 years’ experience in information security
    • BS in engineering plus 7 years of experience working with industrial control systems desirable.
    • MS in engineering plus 4 years of experience working with industrial control systems helpful.
    • Detailed knowledge of system security vulnerabilities and remediation techniques.
    • Detailed knowledge of recognized industrial control cybersecurity risk frameworks (i.e. NIST SP 800-82).
    • -Detailed knowledge of recognized standards associated with the cybersecurity of industrial control systems (i.e. ISA/IEC 62443) and how to apply them.
    • The successful candidate should have demonstrated project management skills, superior written and verbal communication skills, and computer proficiency with programs such as Word, Excel and Outlook. 
    • Candidate must have the ability to read, write and speak English proficiently and the ability to understand and follow English instructions. 
    • Knowledge of SCADA Systems preferred.
    • CISSP certification a plus.
    • Candidate must possess outstanding relationship management skills including: 

    Exceptional customer service skills

    Excellent communication skills (both orally and in writing)

    Active listening skills to understand the points being made when someone else is speaking and giving full attention to the speaker

                Effective speaking skills to convey direction, information and technical concepts

                Ability to work effectively as a strong and supportive member of a team

                Demonstrated skill in organizing work, setting priorities and planning