Senior Security Consultant - Ot

Tenable

Tenable helps you find, prioritize & fix cyber risk, in the cloud and on-prem, using robust security, vulnerability management, and compliance tools.

View company page

Tenable is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!
What makes Tenable such a great place to work?
Ask a member of our team and they'll answer, "Our people!" We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you're part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Your Role:
The Senior Security Consultant is responsible for architecting a Vulnerability Management

solution leveraging Tenable solutions based on established industry standards and Tenable best practices. Senior Security Consultants should be able to assess and advise clients on best practices for reducing Cyber Exposure risks across their entire attack surface.
In addition, the Sr. Security Consultant will lead and execute on engagements in mission critical operational environments (Industrial Control System (ICS) / Operational Technology (OT)), often having a direct impact on improving security across multiple critical infrastructure industries. The consultant will design and architect secure control system environments and technologies across some of the world's leading organizations in oil & gas, and utilities, as well as chemical, technology & communications, manufacturing, transportation, health & life sciences.
Executing client engagements that exceed expectations based on strong understanding of the client's business and their unique needs by:
Providing recommendations on architecture, deployment, and configuration of Tenable solutions
Providing best practices regarding usage of ICS/OT, SecurityCenter, Nessus and Tenable.io in client environments
Advising clients on process best practices enabled by Tenable solutions
Advising on integration scenarios to clarify desired workflows and outcomes
Research client needs/requirements and identify areas where changes can make maximum impact
Review, assess and recommend security controls associated with client environments (i.e., IT Assets, infrastructure, network, SCADA, ICS/OT systems, etc.)
Creating additional value for clients through continual insights and consultative advice based on experience with the Tenable products, the client, their industry, established standards, and industry/company best practices
Assist clients with installing, configuring, and operating Tenable solutions
Develop scan policies, assets, scans, dashboards and reports to meet client needs
Assist client with upgrades and migration to new hardware or software versions
Training client staff on implementation, configuration and best practices usage of Tenable solutions as needed
Industrial Control System (ICS) / Operational Technology (OT)
Develop effective processes, procedures and tools that aid in the design and support of ICS/OT architecture and solutions; and review existing controls for additional improvement and/or enhancement
Provide subject matter expertise and support solution shaping in the field of IT Network and ICS/OT Security
Assist in building and diversifying the larger PS team to help deliver ICS/OT design services, consulting and managed services to internal and external clients
Develop and maintaining positive partnerships with clients
Support the Professional Services Engagement manager in pre- and post-sale business development activities to include:
Conduct in-depth needs analysis with technical staff to determine requirements and specifications of post-sales engagements in line with Tenable best practices
Support and or write the development of Statements of Work
Help identify further revenue opportunities by promoting deeper and broader deployment of Tenable solutions and services
Liaise with Tenable Technical Support when dealing with an onsite client escalation
Enable Tenable partners by training, mentoring, certifying, and validating
Documentation of methods and best practices for use internally and with clients
Contribute to the development and maintenance of internal delivery methods and tools
Mentor fellow consultants on best practices, lessons learned, tactics and strategies for improving client experiences
Travel: Willing and able to travel to client sites up to 50%
What You'll Need:
Bachelor's degree OR 8+ years experience in Networking, IT, security, risk management or professional services
Recent in-depth experience performing vulnerability analysis, configuration audits, security monitoring within ICS environments
Deep understanding of Cyber Exposure to include the lifecycle states, as well as network / ICS/OT asset classes
In depth knowledge of, ICS environments including Programmable Logic Controls (PLCs), Human Machine Interfaces (HMIs), and other field devices such as smart sensors
In Depth knowledge of ICS technologies and how they are deployed in different industry verticals
Understanding of ISA 95 / Purdue Model
In depth knowledge of networks, Linux/Unix and Windows administration, patch deployment and system configuration
Advanced networking skills from architecture, segmentation, packet captures, protocols, VLANs, WLANs, Firewalls and troubleshooting
Understanding of Distributed control systems (DCS) and supervisory control & data acquisition (SCADA) architecture
Strong analytical, interpersonal, communication and writing skills
Understanding of security principles, policies and industry best practices
Knowledge of auditing / compliance frameworks (e.g., ISO, PCI, GLBA, NIST, HIPAA, NEI 13-10 etc.)
Understanding common network monitoring tools such as IDS/IPS
Knowledge of Cyber Threat Landscape, common breach techniques and associated vulnerabilities
Consulting skills with an emphasis on client management, objection handling and a commitment to client success
Security Clearance Preferred
And Ideally:
Certifications - GIAC Global Industrial Cyber Security Professional (GICSP), Practical Network Penetration Tester Certification (PNPT), Offensive Security Certified Professional (OSCP), GIAC Critical Infrastructure Protection (GCIP), GIAC Response and Industrial Defense (GRID).
This is the base pay range for this position. Compensation for the role will depend on a number of factors, including the candidate's qualifications, skills, competencies, location and experience, and may fall outside of the range shown. Employees are also eligible for variable compensation in addition to base pay (commission for sales roles, bonus for non-sales roles), depending on company and individual performance. Tenable also offers a variety of comprehensive and competitive benefits which include: medical, dental, vision, disability and life insurance; 401(k) retirement savings with company match; an employee stock purchase plan; an employee referral program; flexible spending accounts; an Employee Assistance Program (EAP); education assistance; parental leave; paid time off (PTO); company-paid holidays; health and wellness events; and community programs.
US Pay Ranges$120,000—$160,000 USD

Who is Tenable?
Tenable is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!
What makes Tenable such a great place to work?
Ask a member of our team and they'll answer, "Our people!" We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you're part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Your Role:
The Senior Security Consultant is responsible for architecting a Vulnerability Management

solution leveraging Tenable solutions based on established industry standards and Tenable best practices. Senior Security Consultants should be able to assess and advise clients on best practices for reducing Cyber Exposure risks across their entire attack surface.
In addition, the Sr. Security Consultant will lead and execute on engagements in mission critical operational environments (Industrial Control System (ICS) / Operational Technology (OT)), often having a direct impact on improving security across multiple critical infrastructure industries. The consultant will design and architect secure control system environments and technologies across some of the world's leading organizations in oil & gas, and utilities, as well as chemical, technology & communications, manufacturing, transportation, health & life sciences.
Your Opportunity:
Executing client engagements that exceed expectations based on strong understanding of the client's business and their unique needs by:
Providing recommendations on architecture, deployment, and configuration of Tenable solutions

Providing best practices regarding usage of ICS/OT, SecurityCenter, Nessus and Tenable.io in client environments

Advising clients on process best practices enabled by Tenable solutions

Advising on integration scenarios to clarify desired workflows and outcomes

Research client needs/requirements and identify areas where changes can make maximum impact

Review, assess and recommend security controls associated with client environments (i.e., IT Assets, infrastructure, network, SCADA, ICS/OT systems, etc.)

Creating additional value for clients through continual insights and consultative advice based on experience with the Tenable products, the client, their industry, established standards, and industry/company best practices

Assist clients with installing, configuring, and operating Tenable solutions

Develop scan policies, assets, scans, dashboards and reports to meet client needs

Assist client with upgrades and migration to new hardware or software versions

Training client staff on implementation, configuration and best practices usage of Tenable solutions as needed

Industrial Control System (ICS) / Operational Technology (OT)
Develop effective processes, procedures and tools that aid in the design and support of ICS/OT architecture and solutions; and review existing controls for additional improvement and/or enhancement

Provide subject matter expertise and support solution shaping in the field of IT Network and ICS/OT Security

Assist in building and diversifying the larger PS team to help deliver ICS/OT design services, consulting and managed services to internal and external clients

Develop and maintaining positive partnerships with clients

Support the Professional Services Engagement manager in pre- and post-sale business development activities to include:
Conduct in-depth needs analysis with technical staff to determine requirements and specifications of post-sales engagements in line with Tenable best practices

Support and or write the development of Statements of Work

Help identify further revenue opportunities by promoting deeper and broader deployment of Tenable solutions and services

Liaise with Tenable Technical Support when dealing with an onsite client escalation

Enable Tenable partners by training, mentoring, certifying, and validating

Documentation of methods and best practices for use internally and with clients

Contribute to the development and maintenance of internal delivery methods and tools

Mentor fellow consultants on best practices, lessons learned, tactics and strategies for improving client experiences

Travel: Willing and able to travel to client sites up to 50%

What You'll Need:
Bachelor's degree OR 8+ years experience in Networking, IT, security, risk management or professional services

Recent in-depth experience performing vulnerability analysis, configuration audits, security monitoring within ICS environments

Deep understanding of Cyber Exposure to include the lifecycle states, as well as network / ICS/OT asset classes

In depth knowledge of, ICS environments including Programmable Logic Controls (PLCs), Human Machine Interfaces (HMIs), and other field devices such as smart sensors

In Depth knowledge of ICS technologies and how they are deployed in different industry verticals

Understanding of ISA 95 / Purdue Model

In depth knowledge of networks, Linux/Unix and Windows administration, patch deployment and system configuration

Advanced networking skills from architecture, segmentation, packet captures, protocols, VLANs, WLANs, Firewalls and troubleshooting

Understanding of Distributed control systems (DCS) and supervisory control & data acquisition (SCADA) architecture

Strong analytical, interpersonal, communication and writing skills

Understanding of security principles, policies and industry best practices

Knowledge of auditing / compliance frameworks (e.g., ISO, PCI, GLBA, NIST, HIPAA, NEI 13-10 etc.)

Understanding common network monitoring tools such as IDS/IPS

Knowledge of Cyber Threat Landscape, common breach techniques and associated vulnerabilities

Consulting skills with an emphasis on client management, objection handling and a commitment to client success

Security Clearance Preferred

And Ideally:
Certifications - GIAC Global Industrial Cyber Security Professional (GICSP), Practical Network Penetration Tester Certification (PNPT), Offensive Security Certified Professional (OSCP), GIAC Critical Infrastructure Protection (GCIP), GIAC Response and Industrial Defense (GRID).

This is the base pay range for this position. Compensation for the role will depend on a number of factors, including the candidate's qualifications, skills, competencies, location and experience, and may fall outside of the range shown. Employees are also eligible for variable compensation in addition to base pay (commission for sales roles, bonus for non-sales roles), depending on company and individual performance. Tenable also offers a variety of comprehensive and competitive benefits which include: medical, dental, vision, disability and life insurance; 401(k) retirement savings with company match; an employee stock purchase plan; an employee referral program; flexible spending accounts; an Employee Assistance Program (EAP); education assistance; parental leave; paid time off (PTO); company-paid holidays; health and wellness events; and community programs.
US Pay Ranges$120,000—$160,000 USD If you've reached this point, and you're still not sure if you should apply…..Just do it! We're human and we don't fit a perfect mold. Having diverse backgrounds, experiences and perspectives, that's a good thing! If you're coming from outside of the cyber industry - great! If you're looking to try something new - awesome! All we ask is you bring passion to all that you do, crave creativity and innovation, and embrace the hard work of gaining new skills and accepting big challenges.
We're committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact

********

for further assistance.
Tenable Data Consent Statement
Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us, in accordance with the General Data Protection Regulation ("GDPR"). Please click here

to review.
For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here

to review.

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr