Network Cybersecurity Engineer - Overland Park, KS Hybrid

Date: Apr 25, 2024

Location:

Overland Park, KS, US

Company: Black & Veatch Family of Companies

Together, we own our company, our future, and our shared success.

As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.

Company : Black & Veatch Corporation

Req Id : 103361

Opportunity Type : Staff

Relocation eligible : No

Full time/Part time : Full-Time

Project Only Hire : No

Visa Sponsorship Available: No

The Opportunity

The Senior Network Security Engineer will assume a leadership role in the research, analysis, design, implementation, testing, and troubleshooting of cybersecurity solutions in complex data networks in support of Smart Grid client systems. The role requires the candidate to analyze, design, implement, test, and troubleshoot these solutions in various network scales and scope, typically involving complex critical infrastructure networks. This individual will also be responsiblefor initiating the development and design of not only network solutions, but supporting cybersecurity practice process and policy, security critical infrastructure through all 7 layers of the ISO OSI model. The ideal candidate will have elevated their career through hands-on implementation and experience within a consulting environment.

Key Responsibilities

• Responsible for critical infrastructure system development including identifying security risks and appropriate controls to enable secure day-to-day network operation, and creation of end-to-end application security policies on for digitally transforming industrial networks

• Interact with technical and non-technical clients to complete current and future state analysis solutions analysis, including documentation of those solutions. Written and verbal communications skills must be advanced and able to address needs knowledge transfer from field teams to the C-suite, including comfort with presenting complex technical data in front of large audiences

• Provide direct implementation and design recommendations and techniques for common cybersecurity tools implementation e.g. packet sniffers, firewalls, ACL management, IDS, end-point impacts and protection, Security Event Management and Correlation systems (SIEM), secure remote connectivity, etc.

• Provide subject matter expertise and technology support for internal and external digital information projects

• Familiarity and practical project experience with Information Security best-practice controls and associated assessment requirements, and impact on Risk and Compliance

• Develop training materials for general security awareness and specific security technology training and mentor others within the Network and Cybersecurity Services team

• Understand, advocate, and support Secure Operations Technology (OT) Security strategies as differentiated from Information Technology (IT) environments

• Lead development of Utility Smart Grid Security standards and deployment practices, seeking opportunity to influence industry standards through various committee memberships

Key Duties

• Responsible for the system development and infrastructure units in identifying security risks and the appropriate controls for day-to-day network operation, and creation of end-to-end network security policies on Smart Grid networks

• Interact with technical and non-technical clients to for all phases and tasks within a Planning, Assessment, Architecture, Detailed Design, Implementation and Optimization project execution methodology

• Provide direct implementation and design recommendations and techniques for common cybersecurity tools and appliances, e.g., packet sniffers, firewalls, ACL management, IDS, Event Management and Correlation systems, secure remote connectivity, etc.

• Provide subject matter expertise and technology support for all projects and application related Information Security needs and security compliance efforts, on core projects and as requested from various market(s) teams

• Develop training materials for general security awareness and specific security technology training and Mentor others on the Telecommunication team

• Act as a reference for cybersecurity product OEM’s encouraging learning opportunities and staying current in leading technologies

Preferred Qualifications

• 3+ years in Information Technology and Information Security experience as a Security Engineer or Network Security Engineer

• Experience gathering requirements from different business units, stakeholders and engineering teams, while understanding the difference between Engineering Requirements and Functional Requirements

• Excellent verbal and written communication skills toward both technical and non-technical audiences

• Must be able to demonstrate understanding of cybersecurity related protocols, their operation, behavior, configuration and troubleshooting, packet-level knowledge preferred

• Prior hands-on experience with common cybersecurity tools, applications and appliances including permitter protections, VPN concentrators, firewalls, intrusion detection, IDS, HIDS, access controls, white-listing, etc.

• Prior hands-on experience with common network and cybersecurity operations practices, tools and organization theory, both NOC and SOC.

• Advanced knowledge of common networking protocols and encryption services and their relevant security issues (TCIP/IP, DNS, NTP, BGP, OSPF, SNMP, 802.1x, SSL, IPSEC, etc.)

• Working knowledge of access and directory systems such as Active Directory, Radius, authentication and identity certificates and key exchange, etc.

• Advanced knowledge of data classification and its impact on the security designof networking solutions.

• Experience with security policy development and impact upon data networking infrastructure planning and deployment

• Understanding of and experience with industry and regulatory frameworks and standards, including but not limited to: NIST, ISO 27000 series, and Top 20 Critical Security Controls (CSC),

• Understanding of security auditing practices for network infrastructures

• Understanding of cybersecurity team operations and management as it relates to effective designand deployment of security solutions.

• Experience automating tasks common to security posture evaluation such as Regular Expressions, Shell scripting, Perl scripting, Excel macros, etc.

• Experience determining and documenting engineering and security system requirements and standards which support large-scale complex data networks and an ability to defend them in an engineering environment

• Experience in penetration testing and reporting including log analysis, etc. with a variety of tools, e.g. Rapid7, Nessus, NMAP, TCPdump, etc.

• Diverse operating system experience with at least basic command line admin familiarity with both Windows and Linux

• Experience in leading Level of Effort work-load calculations for large complex projects

• Possess recognized industry cybersecurity and network engineering certifications, e.g. CISSP, CISM, CISA, Cisco CCNP or above, CEH, CRISC, CHFI, COMP TIA Security+, SANS GSEC, etc.

• Advanced practical experience working with cybersecurity and networks within industrial and/or critical infrastructure networks

• Experience working with NERC CIP, NIST or CISS best-practice cybersecurity frameworks and compliance

• BS degree in Information Security/ Computer Science/Electronics and Engineering /Information Technology

• Cloud security architecture experience is preferred.

Minimum Qualifications

All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.

Certifications

Cisco CyberOps, Cisco CCNP Security, Cisco CCIE Network or Security, CISSP, CISA, CISM, SANS certifications

Work Environment/Schedule

Black & Veatch prides itself on the support of our employees and providing flexibility to make the things that are most important to you, a priority. This is why we offer our professionals, located near an office, the option of a Hybrid work environment. Our hybrid work approach allows our employees to work two days a week from other locations outside of the office. This opportunity will be based out of our Overland Park, KS office.

This role may require up to 25% travel

#LI-KT1

Salary Plan

ITS: Information Technology Service

Job Grade

005

Black & Veatch endeavors to makeaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at +1-913-359-1622 or via our. This contact information is for disability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.

Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.

Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.

To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.

A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program.

We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.

By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.

For our EEO Policy Statement, please click. If you’d like more information on your EEO rights under the law, please clickand.

Notice to External Search Firms : Black & Veatch does not accept unsolicited resumes and will not be obligated to pay a placement fee for unsolicited resumes. Black & Veatch Talent Acquisition engages with search firms directly for hiring needs.

Nearest Major Market: Olathe

Nearest Secondary Market: Kansas City

Job Segment: Construction, Network Engineer, Electronics Engineer, Engineer, Engineering