Colonial Pipeline Looks For A Cyber Security Manager Following Ransomware Attack

While the Colonial Pipeline was recovering from an outage due to a ransomware attack, on Thursday the company posted a job for a “Cyber Security Manager,” aimed at preventing future cyber attacks.

“As the Manager, Cyber Security, you are accountable for managing a team of cyber security certified subject matter experts and specialists including but not limited to network security engineers, SCADA & field controls network engineers and a cyber security architect,” a job description on Daybook stated. “As the Manager, you will lead the development of the enterprise strategy for cybersecurity; will oversee the development of standards and processes for cyber security; lead the recovery from security incidents; and guide forensics of incidents. You are someone who has an understanding of emerging security threats in order to design security policies and procedures to mitigate threats where possible.”

Job duties, according to the posting, include:

Develops, validates, and maintains an incident response plan and processes to address potential threats.

Participates in industry task forces and working groups (Financial Services Information Sharing and Analysis Center, FBI InfraGard, Anti-Phishing Working Group, etc.) to understand current and future threats.

Communicates risk assessment findings to information security management, technology organization, and business partners.

Provides consultative advice on information security management that enables business leaders to make informed risk management decisions.

Develops and/or analyzes and revises existing administrative operations and management controls for cybersecurity including standard practices, operating procedures, management systems, and reporting documentation.

The company’s ideal candidate’s background would include:

Master’s degree in computer science, information security, cybersecurity or a related field.

Ideally, 8+ years of experience in information security, especially on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).

Ideally 8+ years of experience in another IT function, especially IT Audit.

Ideally 5+ years of experience with regulatory compliance and information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.).

Certifications are a plus.

The Colonial Pipeline was shut down last Friday and held ransom to Eastern European hackers, which forced the U.S. Department of Transportation to issue an emergency declaration in 17 states and the District of Columbia on Sunday following the attack. According to The Daily Wire, “The declaration permitted fuel to be transported by road to Alabama, Arkansas, the District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas, and Virginia.”

Colonial Pipeline reportedly paid nearly $5 million in “untraceable cryptocurrency” to DarkSide, a hacker group believed to be affiliated with the Kremlin. “The group, which admitted they were responsible for locking up Colonial Pipeline’s servers on Monday, claims they are not affiliated with any government and that their motivation is primarily financial, not political,” The Daily Wire reported.

Related: Crisis Ended: Colonial Pipeline Restarts Operations Following Cyber-Attack

Related: Gas Pipeline Reportedly Still Days Away From Reopening As Stations Across Southeast Run Dry

The Daily Wire is one of America’s fastest-growing conservative media companies and counter-cultural outlets for news, opinion, and entertainment. Get inside access to The Daily Wire by becoming a member.