Skip to content

ICS Forensic Investigator

  • On-site
    • Scanton, Pennsylvania, United States

Job description

Project: Comprehensive OT Asset Inventory including HW/SW connectivity to the PLC level

Location: Scranton, PA - Onsite for 3-5 months

Timeline:

  • Project start date: June/July
  • Project completion date: Within 3-5 months of project start.

Client: BSA

Project Summary:

BSA is seeking a qualified subcontractor to conduct a comprehensive forensic investigation of the OT environment at our clients manufacturing facility. This project requires a highly skilled and experienced ICS forensic investigator with a strong understanding of industrial automation systems, including robots, presses, furnaces, welders, and conveyance systems.

Project Scope:

  • Conduct a detailed on-site investigation of the facility's OT environment for a duration of 3-5 months.
  • Inventory all OT assets, including robots, presses, furnaces, welders, convenience systems, and any other control system components, down to the PLC level.
  • Document the hardware and software connectivity requirements for each OT asset (PLCs, HMIs, sensors, actuators, network devices, etc.).
  • Utilize forensic techniques to identify potential security vulnerabilities within the OT environment.
  • Collaborate with facility engineers and IT personnel to understand system functionality and minimize disruption to production.
  • Document findings in a clear, concise, and organized manner.
  • Prepare a comprehensive report outlining the OT asset inventory, connectivity requirements, and identified vulnerabilities.

Job requirements

Subcontractor Qualifications:

  • Proven experience in conducting forensic investigations of OT environments (minimum 3 years).
  • In-depth knowledge of industrial automation protocols (e.g., Modbus, Profibus, PROFINET, etc.).
  • Strong understanding of PLC programming languages (e.g., Ladder Logic, Function Block Diagram, etc.).
  • Experience working in a production environment with minimal disruption to operations.
  • Excellent analytical and problem-solving skills.
  • Strong written and verbal communication skills.
  • Ability to work independently and as part of a team.
  • Ability to work flexible hours, including nights and weekends, to accommodate equipment access schedules.
  • Valid driver's license and the ability to travel to the on-site location is required.

Preferred Qualifications:

  • Experience with specific OT equipment types used in the [Industry] manufacturing sector (e.g., robots, presses, furnaces).
  • Certifications in ICS security (e.g., GICSP, CISSP with ICS concentration).
  • Experience with OT forensic investigation tools.

Deliverables:

  • Detailed OT asset inventory report.
  • Documentation of hardware and software connectivity requirements for each OT asset.
  • Report outlining identified security vulnerabilities within the OT environment.

or