Role Overview 

Bechtel National, Inc. (BNI), Bechtel’s government services business, is one of the top providers to departments and agencies of the U.S. and British governments. Its successes include many large, first-of-a-kind projects in government site management, environmental restoration, defense, space, energy, and national and homeland security. This position will be within the OT (Operational Technology) Cybersecurity Lab in Reston, Virginia, providing subject matter expertise to all Bechtel projects. 

The OT Cybersecurity Lab is part of Bechtel’s Cyber & Digital Solutions where we strive to “Secure the critical infrastructure of the next century to drive operational efficiencies for our customers”. As part of this team, you will be assisting projects in implementing systems for evaluating and mitigating cybersecurity risk for Industrial Control Systems (ICS), SCADA and other OT systems. You will also be part of a lab environment researching various technologies and methods that can be used to improve the cybersecurity posture of ICS and SCADA systems. 

The role involves complementary responsibilities in ICS Cybersecurity and Control Systems ICS design and is performed under the leadership of a supervisory or lead engineer. 

ICS Cybersecurity: 

The selected candidate for this position will have cybersecurity responsibilities as they relate to an Industrial Control System (ICS). These responsibilities focus on performing work both in a cybersecurity laboratory environment and in a project environment to provide a highly available and secure environment that meets the government mandated cyber security requirements (e.g., Risk Management Framework), in accordance with appropriate standards, (e.g., NIST SP 800-53, 800-82, etc.). At times the selected candidate might also work on commercial projects utilizing IEC/ISA 62443. This position also includes supporting necessary security controls and enhancements on the control systems; supporting project policy, plan, and procedure development; planning disaster and recovery; and adhering to configuration management. The candidate will need to work closely with Senior Engineers, Information Technology and Cybersecurity professionals to achieve a common goal.  

Following are typical responsibilities related to ICS cybersecurity: 

• Evaluate vendor cybersecurity products and writing evaluations results
• Interpret NIST-based and other standards to achieve cybersecurity work activities
• Set up and troubleshoot cybersecurity test configurations
• Provide logic and Human Machine Interface programming for cybersecurity testing rigs
• Assist in providing patch management activities for the overall Technical Center
• Provide status of ongoing design and development activities
• Work on special projects, such as the ICS Trainer System and ancillary work activities 

Control Systems ICS Design: 

The selected candidate must be familiar with the design process for Industrial Control Systems (ICS).  

Following are typical responsibilities related to Control Systems design: 

• Properly interpret and apply codes & standards and customer design requirements in the preparation of Control Systems design products
• Develop and/or modify Piping & Instrument Diagrams (P&IDs) to depict instrumentation and control requirements
• Prepare basic control systems engineering deliverables such as cabinet drawings, system logic diagrams, and ICS specifications
• Assist in the development of control system network architecture diagrams
• Contribute to maintaining the project’s instrument and ICS I/O databases using automated tools

Basic Qualifications

Level 1:  Bachelor of Science degree in Computer Science, Mechanical, Electrical, Chemical, or Electro-Mech Engineering from an accredited college or university within the past year

Level 2: Bachelor of Science degree in Computer Science, Mechanical, Electrical, Chemical, or Electro-Mech Engineering from an accredited college or university with at least 1 year of relevant experience; or Master of Science degree in Computer Science, Mechanical, Electrical, Chemical, or Electro-Mech Engineering from an accredited college or university; or in lieu of degree, 7 years of related professional experience.

• Must be a United States citizen
• Must have excellent written and oral communication skills
• Must be proficient in Microsoft 365 application suite (Word, Excel, Visio, PowerPoint, etc.)
• Must be able to complete and pass a pre-employment drug screen and background check which includes verification of employment and education
• Familiarity, course work or experience relating to control systems in a least one of the following areas:
  • Programmable Logic Controllers (PLC)
  • Distributed Control Systems (DCS)
  • Control System Theory or Process Modeling
  • Process instrumentation selection and design
  • Analytical instrumentation selection and design
  • Human-Machine Interface- (HMI) design  

Level 1 Preferred Qualifications

• EIT or FE Certification
• Prior co-op or internship experience with ICS or ICS cybersecurity
• Experience helping cross-functional teams understand Information Technology and Operations Technology as it pertains to Industrial Control Systems.
• Working knowledge of one cybersecurity program standard (NIST SP 800-53, 800-82, ISO 27001, IEC/ ISA 62443 etc.)
• Experience administering windows systems (active directory, user, policy, and log management)
• Hands-on or extensive working knowledge with Control Systems engineering task assignments (e.g., logic diagrams, network design, control systems hardware and software design, etc.)
• Experience working with supplier’s (Schneider, ABB, Emerson, Honeywell, Allen Bradley, Rockwell, etc.) control system software 

Level 1 Preferred Qualifications

• EIT or FE Certification
• Prior co-op or internship experience with ICS or ICS cybersecurity
• Experience helping cross-functional teams understand Information Technology and Operations Technology as it pertains to Industrial Control Systems.
• Working knowledge of one cybersecurity program standard (NIST SP 800-53, 800-82, ISO 27001, IEC/ ISA 62443 etc.)
• Experience administering windows systems (active directory, user, policy, and log management)
• Hands-on or extensive working knowledge with Control Systems engineering task assignments (e.g., logic diagrams, network design, control systems hardware and software design, etc.)
• Experience working with supplier’s (Schneider, ABB, Emerson, Honeywell, Allen Bradley, Rockwell, etc.) control system software
• Cybersecurity certification(s), such as ISA Cybersecurity Expert, GICSP, GRID, CompTIA Security+
• Working knowledge of deploying security controls to support security risk strategy
• In-depth understanding of Network Security, L2/L3 Networking, and virtual environments.
• Experience reviewing ICS/SCADA Cybersecurity related policies and procedures