Internship Cyber Security Risk Analyst Jobs in York, PA

Overview
Please note that this position is contingent upon the successful award of a contract currently under bid.
Global in service but local in approach, Nisga'a Tek is committed to high-quality service to those who defend us. Nisga'a Tek ensures mission assurance and execution for customers and warfighters. Providing intelligence, IT, cyber security, training, logistics, administrative, acquisition, and background investigation services.
Summary:
The Operational Technology Security Engineer performs a variety of routine project tasks applied to specialized information assurance problems with operational technology (OT) systems.
Responsibilities
Essential Job Functions:

• Tasks involve integration of OT processes or methodologies with information systems to resolve total system problems, or technology problems as they relate to Cybersecurity requirements.
• Analyzes information security requirements.
• Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning.
• Provides security engineering support for planning, design, development, testing, demonstration, and integration of OT systems.

• Strong understanding of OT systems including SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices
• Knowledge of secure OT network architectures, including segmentation, firewalls, IDS/IPS, and network monitoring solutions
• Understanding of secure remote access technologies and best practices for OT maintenance and monitoring
• Proficiency with OT relevant cybersecurity frameworks such as NIST CSF, ISA/IEC 62443, and NERC CIP
• Familiarity with DoD cybersecurity requirements including STIGs, TCG configuration guides, IAVMs, and Task Orders
• Ability to develop, maintain, and validate cybersecurity artifacts and documentation
• Understanding of compliance requirements for OT environments and industry specific regulatory obligations
• Proficiency in conducting vulnerability assessments across networks, databases, applications, and OT/IT systems
• Knowledge of vulnerability scanning and asset visibility tools (ACAS, Nessus, Qualys, Forescout, EyeInspect)
• Updates and tracks POA&M entries by documenting findings, logging remediation actions, and keeping milestone dates current to ensure issues move toward closure.
• Ability to recommend risk-based mitigation strategies tailored to OT constraints
• Familiarity with secure configuration baselines, hardening procedures, and compliance enforcement
• Ability to develop and implement OT specific incident response plans
• Knowledge of forensic techniques and tools appropriate for OT systems
• Understanding of patch management workflows and enterprise change management processes
• Ability to build automated workflows for vulnerability remediation, compliance checks, or reporting
• Proficiency with analytical tools such as Microsoft Excel, Access, Power BI, and Power Platform
• Ability to generate clear, accurate, and audit ready cybersecurity reports for technical and leadership audiences
• Understanding of vendor and supply chain security practices for OT equipment and services
• Ability to translate technical findings into actionable recommendations for engineers, operators, and leadership
• Strong research, analytical, and problem-solving abilities
• Excellent written and verbal communication skills, including briefing senior leaders
• Proven ability to work independently and collaboratively with minimal oversight
• Commitment to staying current on emerging OT threats, vulnerabilities, and best practices

• Certification Requirements:
  • Required Training Certifications In:
    • ICS300 or relevant Operational Technology "OT" or Industrial Control System "ICS" Cybersecurity Certifications
    • Forescout
  • DLA Computing Environment: DLA approved CE (M Account Access)
  • Current Requirement: DOD 8570 - IAT 2
  • Future Requirement: DOD 8140
  • Primary Cyber Work Role:
    • Work Element: Cybersecurity (CS)
    • Work Role: 722 - Information Systems Security Manager
    • Proficiency Level: Intermediate
• Seven (7) years of relevant OT Cybersecurity experience
• Experience with OT communication protocols such as Modbus/TCP, EtherNet/IP, IEC 61850, ICCP, DNP3, BACnet, and similar industrial protocols
• Experience producing analytics and trend reports using data from scanners, configuration tools, and monitoring platforms
• Experience bridging IT and OT cybersecurity requirements to ensure aligned policies and protections
• Experience deploying and tuning security monitoring solutions for OT environments, including anomaly detection and threat intelligence integration
• Experience performing OT specific risk assessments, identifying threats, vulnerabilities, and operational impacts
• Experience managing software and firmware updates for OT devices while minimizing operational disruption
• Experience preparing environments for DoD cybersecurity inspections
• Required to possess a DOD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) upon assignment.

• Bachelor's degree