Cyber Security Analyst Jobs in Decatur, GA (NOW HIRING)

Location: Ann Arbor, MI, US Jacksonville, FL, US Cary, NC, US Greenville, SC, US Tampa, FL, US Phoenix, AZ, US Orlando, FL, US Atlanta, GA, US Charleston, SC, US Dallas, TX, US Tualatin, OR, US Columbia, SC, US Austin, TX, US South Jordan, UT, US Kansas City, MO, US Houston, TX, US Company: Black & Veatch Family of Companies Together, we own our company, our future, and our shared success. As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.

Company: Black & Veatch Corporation Opportunity Type: Staff Relocation eligible: Yes Full time/Part time: Full-Time Project Only Hire: Yes Visa Sponsorship Available: No

Black & Veatch allows you to lend your talent and perspective to humanity's biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation, 401k match and benefits that start day one. Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use.

Black & Veatch (BV) is seeking a direct-hire, full-time on-site Cybersecurity Custodian to support cybersecurity execution for a new Power Plant project in Beech Island, South Carolina. Supported and led by BV Senior Cybersecurity Consultants, this individual will be the day-to-day on-site custodian for Operational Technology (OT) / Industrial Control Systems (ICS) cybersecurity activities, coordinating with EPC, Owner, and vendors to ensure systems are secured, cybersecurity requirements are met, and all work is documented in a complete, audit-ready evidence package. This role is perfect for individuals experienced with power plant control systems (DCS/PLC/SCADA/HMI) who are enthusiastic about applying cybersecurity in practical construction and commissioning settings. The role begins no later than November 2026 to support readiness activities ahead of Distributed Control System (DCS) Factory Acceptance Testing (FAT) in March 2027, includes travel to vendor FAT/Cyber FAT (CFAT) locations, and remains on-site through installation, commissioning, and turnover. After completion of the Beech Island project, the role is expected to continue as a full-time ICS Cybersecurity Consultant position supporting B&V's Infrastructure Advisory (IA) Industrial Cybersecurity team across additional OT/ICS projects. The post-project role can be based at the BV office in Columbia, SC or any other BV office location.

Report operationally to the project leadership team, while working closely with B&V cybersecurity stakeholders. Work closely with the IA ICS Cybersecurity team who provides back-office support including: Project planning and cybersecurity execution roadmap, Standards, templates, and evidence packages, Requirements interpretation and technical guidance and Action-item tracking support and cadence facilitation Execute the on-site work, coordinate vendors, and ensure evidence is captured and organized.

Cybersecurity Program Execution & Evidence Ownership Supported and lead by BV Senior Cybersecurity Consultants from Home Office, manage day-to-day execution of the on-site OT cybersecurity program, including tracking requirements, planned actions, and completion status and report status of activities to BV Senior Cybersecurity Consultants for review and approvals Build and maintain an organized evidence repository (audit-ready), ensuring deliverables are properly dated, labeled, and attributable. Maintain logs, checklists, procedures, forms, test results, scan outputs, approvals, and sign-offs as required. CFAT / Cyber Site Acceptance Testing (CSAT) Support Support pre-CFAT readiness and participate in vendor CFAT activities as required (travel required). Validate cybersecurity controls prior to shipment (where applicable), including accounts, logging, backups, malware controls, and baseline configurations. Track and close cyber-related FAT punch items; ensure retests and final evidence are captured and filed. Identity, Credential, and Access Control Verify and document required access controls including MFA for remote access, least privilege, and role-based access models. Support account management documentation: default credential changes, service account controls, privilege verification, termination/role-change access actions, and secure credential handover processes. Asset Inventory, Configuration Baselines & Change Tracking Maintain support for hardware/software inventory requirements (including OS/firmware versions, asset tags, locations, network references). Track configuration baselines, redlines, and as-built updates throughout construction and commissioning. Coordinate change documentation and evidence, including post-change backup capture and validation. Removable Media & Transient Cyber Assets (TCA) Controls Enforce and document removable media and transient device controls in line with Owner policies and site procedures. Oversee malware scanning workflows, authorization forms, encrypted media handling, quarantine steps, and scanning evidence retention. Coordinate vendor site visit preparations (e.g., ensuring vendor laptop/TCA scanning expectations are met). Monitoring, Logging, and Detection Enablement Coordinate and document OT log onboarding to Splunk/SIEM, including log sources, retention requirements, and forwarding architecture. Support readiness for NIDS/span port configuration and event forwarding requirements. Validate and document that logging is enabled, time-synchronized, and functioning without impacting system performance. Additional Key Responsibilities Backup, Recovery, and Resilience Verify backup procedures are in place for OT assets and that backups are created after major changes (patching, configuration updates). Support restoration testing where required; ensure offline backup handling meets custody and storage requirements. Track encrypted portable hard drives / backup media custody and handover documentation where applicable. Incident Reporting & Response Support Maintain cyber escalation contacts and on-site reporting procedures. Support documentation of cybersecurity events, policy violations, corrective actions, and evidence of remediation steps. Coordinate with ICS Cybersecurity and Owner stakeholders for incident-related communications and records. Training, Workforce Security & Compliance Documentation Track and maintain evidence for required cybersecurity awareness training completion. Support workforce security evidence collection (e.g., authorization logs, background check logs, access revocations). Conduct periodic verification that access authorizations remain current and justified.

Maintain a complete, well-organized cyber evidence repository that maps activities to requirements and stands up to Owner and compliance scrutiny. Enable smooth FAT/CFAT/commissioning progress by identifying cybersecurity gaps early and driving closure without schedule disruption. Demonstrate strong coordination across vendors, EPC, site teams, and the back-office cyber team. Establish consistent cyber processes on-site that improve repeatability and reduce risk.

Individual Contributor Preferred Qualifications 3+ years supporting industrial/power generation control systems or OT environments. Cybersecurity training or certifications (e.g., Security+, GIAC, ISA/IEC 62443, CISSP). Practical knowledge of OT networking fundamentals such as: IP addressing, VLANs, firewall concepts, routing basics. Familiarity with NERC CIP concepts, OT segmentation, MFA, jump hosts, and least-privilege design. Ability to work on-site in Beech Island, SC for 12+ months (typical 5x8 with occasional off-hours during cutovers). Willingness to travel to vendor facilities for CFAT support. Occasional travel for planning/working sessions may be requested. Eligible to meet badging/background/site access requirements. Experience with Splunk/SIEM, antivirus/whitelisting, vulnerability scanning, or backup tooling. Experience supporting FAT/commissioning on large capital projects (power generation or similar). Strong documentation discipline—ability to produce clear procedures, logs, checklists, and evidence packages. Experience working with vendors and multi-discipline teams in construction/commissioning environments Minimum Qualifications Bachelor's Degree or relevant work experience. 4+ years experience in a business/consulting environment. All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. Certifications Certifications related to area of expertise, where applicable preferred.