AMVETS Jobs

FM is a leading property insurer of the world's largest businesses, providing more than one-third of FORTUNE 1000-size companies with engineering-based risk management and property insurance solutions. FM helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles.

We are seeking a highly motivated and detail-oriented co-op student to join our cybersecurity team. The successful candidate will contribute to the continuous development of cyber mitigation strategies for Operational Technology (OT) environments, leveraging the MITRE ATT&CK for ICS matrix. This position offers hands-on experience in designing attack experiments, evaluating mitigation techniques, and supporting the development of testbeds for validating security measures. The co-op student will also be involved in producing technical documentation and utilizing threat intelligence to enhance our cybersecurity posture.

• Testbed Support

• Assist in the development and maintenance of testbeds for validating cyber mitigation strategies.

• Interest in configuring and troubleshoot hardware and software components within the testbed environment, including industrial devices (PLC, HMI, DCS, RTU, etc.) and industrial software (e.g. OPC UA/DA, PI, historians, user repositories, firewall management including inspection, etc.).

• MITRE ATT&CK for ICS Expertise

• Leverage MITRE ATT&CK for ICS matrix to understand adversarial tactics, techniques, and procedures in industrial control systems.

• Research and propose mitigation strategies to address specific threats identified within the MITRE ATT&CK for ICS framework.

• Run Experiments

• Design and document attack experiments to simulate real-world cyber threats against OT environments.

• Focus on attack strategies that are shifting from immediate exploitation to establishing persistent footholds within OT environments.

• Incorporate techniques such as exploiting supply chains and "living off the land".

• Analysis of Run Experiments

• Evaluate the effectiveness of proposed IT and OT mitigation strategies in preventing or mitigating the impact of simulated attacks.

• Analyze the results of experiments and provide recommendations for improving mitigation techniques.

• Technical Documentation

• Produce clear and concise slipsheets, technical reports, and presentations summarizing research findings and experimental results.

• Document IT and OT attack methodologies, mitigation strategies, and testbed configurations.

• Threat Intelligence and Research

• Leverage threat intelligence feeds and research capabilities to stay informed about emerging cyber threats and vulnerabilities.

• Analyze threat intelligence data to identify relevant threats to our OT environment and propose proactive security measures.

• Use platforms and frameworks to improve and automate threat research.

• Currently enrolled in a Master's degree program in Cybersecurity, Computer Science, Engineering, or a related field.

• Familiarity with industrial control systems (ICS) and operational technology (OT) concepts.

• Understanding of cyber-attack methodologies and mitigation techniques.

• Knowledge of the MITRE ATT&CK framework, particularly the ICS matrix.

• Interest in designing and conducting experiments or simulations.

• Analytical and problem-solving skills.

• Fluency in English, written and verbal communication skills.

• Ability to work independently and as part of a team.

Preferred Skills

• Experience with penetration testing or ethical hacking.

• Knowledge of network security principles and technologies.

• Familiarity with scripting languages such as Python or PowerShell.

• Experience with virtualization technologies such as VMware or VirtualBox.

• Understanding of threat intelligence concepts and tools.

This co-op position offers a valuable opportunity to gain practical experience in the field of OT cybersecurity and contribute to the development of innovative mitigation strategies.

This is an in-office role based in Norwood, MA. Temporary relocation support provided for selected qualified candidate.

FM is an Equal Opportunity Employer and is committed to attracting, developing, and retaining a diverse workforce.

#LI-TA1