  • Knowledge of ICS security reference architecture (Enterprise Reference Architecture model).
  • Working Knowledge of process control systems
  • Knowledge of industrial protocols (e.g., Modbus, Modbus TCP, DNP3, EtherNet/IP, OPC, HART).
  • Knowledge of access control models, Active Directory services, and user access management (Domain Controller 2003, 2008 R2).
  • Knowledge of change management, baselines, equipment connections, and configuration auditing.
  • Knowledge of distribution and installation of patches, software reloads, and firmware management.
  • Security testing tools (e.g., packet sniffer, port scanner, vulnerability scanner).
  • Knowledge of attacks and incidents (e.g., man in the middle, spoofing, social engineering, denial of service, denial of view, data manipulation, session hijacking, foreign software, unauthorized access).
  • Knowledge of availability (e.g., health and safety, environmental, productivity).

  • Knowledge of cryptography & VPN (e.g., encryption, digital signatures, certificate management, PKI, public versus private key, hashing, key management, resource constraints).
  • Knowledge of security tenets (e.g., CIA, non-repudiation, least privilege, separation of duties).
  • Knowledge of threats (e.g., nation states, general criminals, inside and outside malicious attackers, hacktivists, inside non-malicious).
  • Knowledge of system backup & restoration (Symantec Backup Recovery Tool & Veritas).
  • Knowledge of communication medium and external network communications.
  • Knowledge of field device architecture (e.g., relays, PLC, switch, process unit).
  • Knowledge of network protocols (e.g., DNS, DHCP, NTP, SNMPv3, Telnet, SSH, Syslog, SMTP, TCP/IP).
  • Network segmentation (e.g., partitioning, segregation, zones and conduits, reference architectures, network devices and services, data diodes, DMZs).

  • Wireless security (e.g., Wi-Fi, wireless sensors, wireless gateways, controllers).
  • Knowledge of embedded device (e.g., PLCs, controllers, RTU, analyzers, meters, aggregators, security issues, default configurations).
  • Knowledge of network & system security/hardening.
  • Knowledge of OS security (Unix/Linux, Windows, least privilege security, virtualization): Windows 2K, 2003, 2008, 2012, Windows XP, Windows 7, Windows 10.
  • Knowledge of anti-malware implementation, updating, monitoring, and sanitization. Knowledge of end protection including user workstations.
  • Knowledge of device testing (e.g., communication robustness, fuzzing) and knowledge of security assessment (e.g., risk, criticality, vulnerability, attack surface analysis, supply chain).
  • Knowledge of risk management (e.g., risk acceptance, risk/mitigation plan).
  • Knowledge of security policies and procedures development (e.g., exceptions, exemptions, requirements, standards).

  • Knowledge of event, network, and security logging, including knowledge of archiving logs.
  • Knowledge of event, network, and security monitoring.
  • Knowledge of incident recognition and triage (e.g., log analysis/event correlation, anomalous behavior, intrusion detection, egress monitoring, IPS), knowledge of incident remediation/recovery, and knowledge of incident response (e.g., recording/reporting, forensic log analysis, containment, incident response team, root cause analysis, eradication/quarantine).
  • Knowledge of physical security.
  • Knowledge of disaster recovery procedures.
  • Bluecoat ICSP (Industrial Control System Protection) scanner: removable media scanning tool.
  • Waterfall Data-Diode.

3+ years' experience
    Bachelor's or Master's degree in Engineering

Ashu Parihar
