Principal Systems Cyber Security Engineer - OT
$135,900 - $151,000/Yr
Constellation Energy Generation - Baltimore, MD
posted 25 days ago
Full-time - Senior
Baltimore, MD
About the position
The Principal Systems Cyber Security Engineer - OT is responsible for ensuring the security of Industrial Control Systems (ICS) within the power generation environment. This role involves acting as a liaison between various teams, including Operational Technology, Information Technology, and Security, to develop and implement security solutions that align with Constellation's Cyber Security objectives. The engineer will participate in industry forums, provide guidance on documentation, and maintain compliance with regulatory requirements while fostering a culture of teamwork and inclusion.
Responsibilities
- Develop Industrial Control System design specifications in collaboration with Operational Technology and Information Technology teams.
- Verify security design specifications for Industrial Control System assets using a risk-based approach.
- Understand Constellation's evolving computing environment and the necessary security technologies and architectures.
- Review regulatory roadmaps and evaluate new controls for compliance strategies.
- Maintain a map of current regulatory and internal requirements to identify gaps and create improvement projects.
- Support regulatory audits and provide mentorship to IT personnel.
- Promote diversity, equity, and inclusion within the team.
Requirements
- Bachelor's Degree in Computer Science, Information Technology, or a related discipline.
- 8 to 10 years of experience in Cyber Security Engineering and/or Architecture.
- Demonstrated analytical skills and technical knowledge in cyber and information security principles.
- Experience with enterprise and Industrial Control System specific security solutions.
- Knowledge of network services and protocols for network communications.
- Experience with incident categories and responses.
- Knowledge of intrusion detection methodologies and techniques.
- Experience with system administration and network hardening techniques.
- Knowledge of network security architecture concepts and the OSI model.
Nice-to-haves
- Graduate degree in cyber security or related area.
- Skill in using security event correlation tools.
- Knowledge of cyber defense policies and regulations.
- GIAC Global Industrial Cyber Security Professional (GICSP) certification or similar.
- Knowledge of NERC CIP, CMMC, NRC compliance frameworks.
Benefits
- Competitive salaries and bonus program
- 401(k) with company match
- Employee stock purchase program
- Comprehensive medical, dental, and vision benefits
- Robust wellness program
- Paid time off for vacation, holidays, and sick days
