IoT Security Deployment Expert/Solution Architect

Job Description

About Atos

Atos is a global leader in digital transformation with over 110,000 employees in 73 countries and annual revenue of over € 11 billion. European number one in Cloud, Cybersecurity and High-Performance Computing, the Group provides end-to-end Orchestrated Hybrid Cloud, Big Data, Business Applications and Digital Workplace solutions. The group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and operates under the brands Atos, Atos Syntel, and Unify. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information technology space. Its expertise and services support the development of knowledge, education as well as multicultural and pluralistic approaches to research that contribute to scientific and technological excellence. Across the world, the group enables its customers, employees and collaborators, and members of societies at large to live, work and develop sustainably and confidently in the information technology space.

Your role in Atos - Job Description

IoT Security Deployment Expert/Engineer is a strong technical position which will support the various on-site or remote Atos customer’s IoT information security, cybersecurity projects on various project life cycle and maturity assessment. You may also support broader cyber security risk assessment, which IoT is integral part, like in manufacturing industry, etc. You will work directly with various engineering teams to design and build secure vehicle hardware, firmware, and communication protocols, develop tooling to automate and scale security testing capabilities to support prototyping and development processes. Moreover, you may work with engineers to ensure that critical systems and workflows have effective and appropriate security detection and response capabilities based on various amounts of data to detect and prevent IoT attacks. You may support customer’s development or R&D centers implementing “security by design” concept or assisting in eliminating currently identified customer’s IoT cyber risk exposure.

Exemplary responsibilities on the dedicated IoT cyber security project may include:

• Being integral part of our customer’s automotive or cosmetics production line design center teams,
• Providing architectural and engineering design and design-build facility construction services as aspect of physical security
• Perform IoT risks identification, analysis and provide recommendations to secure Operational Technology (OT) systems protection and networks separations to insure reliable and safe operations.
• Assessment, replacement, upgrade, expansion or increase security of facility industrial control systems (ICS) or PLMs,
• You may provide audit or review of current OT, IoT infrastructure including federal, water / wastewater, and industrial or critical infrastructure of the given country or validating secure system and separation between IT and OT network designs for critical infrastructure.
• Elaboration and providing network and system specification documentation deliverables to address cybersecurity vulnerabilities and the security controls necessary to mitigate the vulnerabilities to an acceptable level of risk
• Serving as Atos project team’s IoT lead cybersecurity consultant and designer to facilitate reliable, safe, and secure network and system designs satisfied by the various project constraints (cost, schedule, resources, risk, capability, regulations, industry cybersecurity standards, etc.) for multiple facility design or design-build projects
• Participation in project meetings and coordinate deliverables with clients and other customer’s team designers, programmers, implementers, architects, and engineers.
• Providing post project Quality Control design validation reviews to ensure conformance with specifications
• Providing client consulting assistance to include master planning in conformance with standards, policies, procedures, and directives relevant to the owner / client industry
• Managing or review Cybersecurity / Engineering deliverables in the project delivery of IoT cybersecurity services

What Are We Looking For / Essential skills and competencies:

• Master's degree in Computer Science, Engineering, or related field or equivalent work experience
• More than 5 years of experience in roles related IoT or embedded system security assessment, especially in critical infrastructure (Healthcare, Manufacturing, Automotive, Utilities: Energy, Oil & Gas, Chemical, Water, Wastewater, Power Generation, etc.)
• More than 5 years of experience in network design and system configuration to include firewalls, protocols, ports, VLANs, VMs, and route configuration.
• Data analysis experience: Wireshark PCAPs, NMAP, Intrusion Detection Systems (IDS)
• Practical knowledge of common IoT attack vectors and vulnerabilities
• ICS network design experience and familiarity with the Purdue Model
• Experience with multiple equipment manufacturers and OT protocols
• HVAC Control Systems experience to include BACnet and LonWorks protocols
• Experience with multiple control system types (PLC based, DCS, BMS, and SIS)
• Experience with SCADA systems, PLC Programming, HMI, Operator Interface Terminals
• Experience conducting security assessments of backend systems relating to IoT devices
• Experience recommending or implementing solutions to mitigate security vulnerabilities
• Familiarity with MVNO, SIM card provisioning
• Familiarity with encryption protocols such as TLS, SSL and protection for data in transit, data in use, and data at rest
• Experience with communication protocol and signal analysis
• More than 5 years of experience in ICS solutions design, development, deployment, and commissioning in a virtual and / or cloud-based hosting environment
• Practical knowledge of IoT wireless communication including LTE Cat 1, LTE Cat M1 and Bluetooth, FreeRTOS, UART, I2C, STM32, CANbus, nRF5x, Golang for backend systems, Amazon Web Services
• Applying working knowledge of secure networking standards to include NIST-800, ISA-62443, UFC-4-010-06 or others required by Customer
• Cybersecurity Standards experience (ISA 62443, DoD RMF, ISO, NERC / FERC, etc.)
• Experience in or validation cybersecurity commissioning (CFAT / CSAT) or audits of ICS networks or systems
• CISSP or GICSP certification or other industry certificates related to IoT,
• Experience or certifications in networking, encryption, programming, scripting, database design, Docker Containers, ADS, MCSE, AWS, Cisco, PE, CISA, CEH, etc.
• Excellent customer service and communication (oral / written) skills required.
• Must be able to work independently or with a team, under minimum supervision, reporting to Project Manager of given assignment or Line Manager.
• Fluent English is a must, Intermediate or Fluent German or French is a great plus
• International mobility to serve our global clients and work with our global clients (50-100%) Europe or other continents. You accept readiness to travel up to 80-100% on average 60% also there are remote projects dependent on the assignment, mainly Europe but other continents are also possible.
• EU work permit is a must, US visa is a plus
• UK Security Clearance or UK citizenship – is a big plus
• Location - anywhere in Poland close to an international airport.

We take care of your personal data privacy. More information about processing your personal data within recruitment process you can find on our website: https://atos.net/pl/polska/gdpr .