Cybersecurity IACS Certification and testing specialist
LaBine & Associates
- Seattle, WA
Our client is a leader in testing and certifications for a wide range of industries. This specific career opportunity involves leading for participation in audits of Security Development Life Cycle (SDLC) and conduct security control assessments in accordance with cybersecurity standards or frameworks including the development of security assessment plans and assessment.
- Independently manages testing and certification projects concurrently ensuring compliance with all applicable test requirements achieving completion within time frames and cost deadlines. Test products against requirements of the national/international standards and precedent decisions.
- Demonstrates technical competency to review the work of others.
- Demonstrates technical competence in their respective certification programs.
- Able to accurately perform evaluation and review of complex, unique or unusual product types.
- Demonstrates the ability to consistently manage multiple projects concurrently while maintaining on-time and on-budget performance.
- Able to maintain high productivity in line with company expectations.
- Reviews test data, reports and authorizes application of Certification Marks.Prepares and / or signs Certification Reports and Certificates of Compliance.
- Conducts construction evaluation, ensuring the unit complies with the construction section of the standard; identifies rationale for compliance or non-compliance.
- Collaborates with Lab Technician to create a work order which test are required and; the order of the tests and the number of samples required.
- Verifies the reports, evaluation and calculations of others.Is able to verify the evaluation details and data recorded are consistent with results of measurements.
- Provides guidance to others in writing their technical reports and can demonstrate understanding of the process and accreditation requirements of reports and certification documents.
- Evaluates products at the customer facility. Witnesses tests performed by the customer on their products.
- Provides client with assistance in solving problems / failures without divulging proprietary information.
- Evaluates and qualifies companies in the administration of Certification Programs. Reviews customer test methods and systems; reviews new / old product designs and all applicable documentation. Ensures all test equipment and quality procedures are within guidelines. Provides technical briefings on new and existing requirements. Authorizes application and / or removal of the certification Mark.
- Provides technical information service to external and internal customers including those forwarded by the Client Service Center. Liaison with customers in the design stage to ensure requirements of national / international standards are met without compromising confidentiality.Provides technical guidance and training. Answers inquiries regarding standards and legal requirements.
- As required may participates in Technical Network, Technical Panel and may support documentation development.
- May be qualified to perform Report reviews and conduct Category Audits.
- Keeps the Product Group Manager or BDM informed of project status as required, pointing out major problems and non-compliance.
- Bachelor’s Degree in Electrical Engineering, Computer Engineering, Computer Science or Equivalent science or engineering degree with minimum 8 years of work experience;
- Proven experience and/or proficiency in the following:
- Minimum of 4 years of detailed system level product development involvement for IACS or minimum of 4 years of systems integration experience for IACS OR Min 6 years system level product Test of IACS; this experience level includes 2 years with software security-related responsibilities and 2 years involvement with networking technologies
- Minimum 1 year of experience performing software process audit OR 2 years in position in which software process has been audited on 3 or more products
- Hands on work experience with:
- Performing compliance and risk assessment audit
- Internal and external auditors
- At least one of regulatory standards or frameworks, such as: NIST SP 800-53, NIST Cybersecurity Framework, IEC 62443, UL 2900, FISMA, SOX, HIPAA / HITRUST, ISO 27001, Common Criteria, COSO, COBIT, CLASP, DO-178B, IEC 61508, ISO/IEC 15408-3, Microsoft Security Development Lifecycle
- Professional certification CISA, CISSP, GICSP or equivalent
- Experienced knowledge level of at least two different IACS AND General knowledge of application of IACS and roles and duties of employees at sites using IACS AND Moderate level knowledge of networking and communication protocols AND Able to independently read and interpret requirement specifications for IACS products AND Able to independently read and understand user installation and configuration documents for IACS products AND Knowledge of methods used to protect communications and detect / prevent communication attacks
- Strong interpersonal skills and proven track record in establishing and sustaining close working relationships with functional teams and subject matter experts as well as IT technical, development, and support personnel
- Understanding and working knowledge of information security data and processes
- Highly motivated, self-starting individual, and able to multi-task and manage to timelines
Friday, January 31, 2020