Industrial Control Systems – IT Cybersecurity Engineer, UPF

  • Bechtel
  • US - TN - Oak Ridge
  • 3 days ago

Company Name: Bechtel

Location: Oak Ridge, TN, US - 37830

Job Duration: 2021-04-08 to 2021-05-08


Requisition ID:  233262

Requisition Posting End Date: 04/19/2021

Project Description:

Bechtel National, Inc. (BNI), Bechtel’s government services business, is one of the top providers to departments and agencies of the U.S. and British governments. Its successes include many large, first-of-a-kind projects in government site management, environmental restoration, defense, space, energy, and national and homeland security. This position will provide support to the Uranium Processing Facility (UPF) located at the Y-12 National Security Complex in Oak Ridge, Tennessee.


UPF will be built by 2025 for $6.5 billion and will be a first-of-its-kind complex for enriched uranium operations in support of Y-12 missions. UPF is one of the Department of Energy’s largest investments in Tennessee since the Manhattan Project and one of the National Nuclear Security Administration’s largest construction projects. When complete, UPF will: replace a 70-year-old facility with modern buildings, reduce operational costs and energy consumption, improve worker safety, and provided enriched uranium capabilities well into the future.


The UPF project has multiple work schedules that are subject to change and may require employees to work overtime and/or night shift when a business need arises. The core construction working hours are between 7:00 a.m. and 5:30 p.m. Monday through Friday. Work schedule and overtime are to be approved in advance by supervisors.


Eligibility for this position requires US citizenship; the successful candidate must provide proof of US citizenship in order to obtain badge access to the site. Candidate must complete security questionnaire and successfully clear site access requirements check. All employees are subject and agree to random drug and alcohol testing as a condition of employment. Must be able to obtain a security clearance, as applicable.


This position is located in Oak Ridge, TN


Job Responsibilities (may include but are not limited to):



The selected candidate for this position will have cybersecurity responsibilities as they relate to industrial Information Technology (IT) systems. These responsibilities focus on performing in a project environment by providing a highly available and secure environment that meets the government-mandated cybersecurity requirements (e.g., Risk Management Framework) in accordance with appropriate standards (e.g., NIST SP 800-53, 800-82, CNSSI 1253, etc.). This position also includes supporting and implementing necessary security controls and enhancements industrial control systems; preparing Engineering and project policies, plans and procedures and adhering to configuration management. In the work environment, the candidate will need to work closely with Engineering, IS&T and cybersecurity professionals to achieve a common goal.


  • The selected candidate may be required to perform the following duties:
    • Perform design assignments involving the application of appropriate engineering techniques.
    • Provide design recommendations in accordance with applicable codes, standards, and procedures.
    • Ensure adequate input and technical guidance to other engineering team members, IS&T and vendors working on deliverables.
    • Prepare detailed technical specifications, datasheets, and requisitions; review vendor documentation.
    • Plan, coordinate or prepare control system component or work package specifications.
    • Prepare or assist in the preparation of conceptual studies, designs (including network design), reports or proposals.
    • Perform or assist in the performance of problem analysis and original design.
    • Provide automation support for the Industrial Control System(s)
    • Interface with the DOE Authorizing Official to achieve Authorization to Operate.
    • Coordinate Cyber Security plans with the site Cyber Security team.


Basic Requirements:

  • Level 1: BS degree in Computer Science, Mechanical, Electrical, Chemical, Computer or Electro-Mech engineering from a US-Accredited institution with at least 9 years of relevant experience; or MS degree from a US accredited institution in Computer Science Mechanical, Electrical, Chemical, Computer or Electro-Mech Engineering with 9 years of IT experience. In lieu of degree, 15 years of related professional experience in the IT field.
  • Level 2: BS degree in Computer Science, Mechanical, Electrical, Chemical, Computer or Electro-Mech engineering from a US-Accredited institution with at least 13 years of relevant experience; or MS degree from a US accredited institution in Computer Science Mechanical, Electrical, Chemical, Computer or Electro-Mech Engineering with 12 years of IT experienceIn lieu of degree, 19 years of related professional experience in the IT field.
  • Must be a United States citizen.
  • Must be able to complete and pass a pre-employment drug screen and background check which includes verification of employment and education.
  • Must be able to obtain a site security badge for access to the worksite.


Minimum Requirements:

  • Proficient experience working as an IT Cybersecurity professional.
  • Experience in Configuration management practices and processes.
  • Proficient experience working with industry codes and standards (e.g., NIST SP 800-53, 800-82, CNSSI 1253, etc.), especially Risk Management Framework (or comparable).
  • Advanced experience developing Information Systems Security Plan (ISSP) content for Industrial Control Systems.
  • Experience working with various vendors control system software (Schneider, ABB Emerson, Honeywell, Allen Bradley, etc.).
  • Working knowledge of ICS/SCADA communication protocols.
  • Experience reviewing ICS/SCADA Cybersecurity-related policies and procedures.
  • Hands-on or extensive working knowledge with Control Systems engineering tasks, assignments, and studies (e.g., Logic Diagrams, network design, control systems hardware and software design, etc.).
  • Extensive knowledge and application of control systems-related Codes and Standards.
  • Working knowledge of ICS/SCADA communication protocols.
  • Experience helping cross-functional teams understand Information Technology and Operations Technology as it pertains to Industrial Control Systems.
  • The candidate has excellent written and oral communication skills.


Preferred Requirements:

  • IT Architecture experience with Cyber Security vulnerability mitigation experience.
  • Experience performing audits and assessments (e.g., blue team, red team, continuous monitoring).
  • Experience administering Windows systems (active directory, user, policy, and log management).
  • Understanding of infrastructure and network architecture and design
  • Understanding of network security
  • Familiarity with assessing attack vectors and vulnerabilities.
  • Must be able to obtain Security + certification with 6 months of hire.
  • GISCP or CISSP security certifications.
  • PE or EIT Registration.



Shaping tomorrow together

Bechtel is one of the most respected global engineering, construction, and project management companies. Together with our customers, we deliver landmark projects that foster long-term progress and economic growth. Since 1898, we’ve completed more than 25,000 extraordinary projects across 160 countries on all seven continents. We operate through four global businesses: Infrastructure; Nuclear, Security & Environmental; Oil, Gas & Chemicals; and Mining & Metals. Our company and our culture are built on more than a century of leadership and a relentless adherence to our values, the core of which are safety, quality, ethics, and integrity. These values are what we believe, what we expect, what we deliver, and what we live.

Bechtel is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, age, national origin, disability, citizenship status (except as authorized by law), protected veteran status, genetic information, and any other characteristic protected by federal, state or local law.