Sometime before the disastrous ransomware attack on its network and the East Coast gas shortage that followed, Colonial Pipeline was apparently looking for someone to help run its cybersecurity team.
The energy company, which manages America’s largest oil pipeline, is currently working feverishly to restore full service after being targeted by the ransomware gang DarkSide. The cyberattack, which the company says it learned about on May 7, has prompted a federal response, emergency declarations in multiple states, and spurred a panicked gas-buying melee across the Southeast.
On Wednesday, people online noticed a job listing that had recently been reposted to the job site Day Book. Colonial Pipeline was apparently looking for a “Cyber Security Manager,” as the post puts it. It’s not exactly clear when the initial job posting was created, though it would appear to have been at some point during the last few months. Colonial’s website says the listing was created “+30 days ago,” and job sites like Day Book will continually scrape sites and repost listings with new dates.
According to Colonial’s job description, the security manager would’ve been responsible for maintaining “an incident response plan and processes to address potential threats.” The company was also looking for someone who could manage “a team of cyber security certified subject matter experts and specialists including but not limited to network security engineers, SCADA & field controls network engineers and a cyber security architect.” All good stuff! The listing is still available on Colonial’s website.
Reached for comment, the company said in an email that they did not create the position in response to the DarkSide ransomware attack.
“The cybersecurity position was not created as a result of the recent ransomware attack. We have several positions open as part of our longer-term growth strategy around talent, as we are constantly recruiting top-tier talent across all functional areas of our business,” a Colonial spokesperson said in a statement. “The position to support cybersecurity would be an example of that. This is a role that we have been looking to add in an effort to continue building our current cyber security team.”
It’s somewhat unclear whether the position was ever filled (if it wasn’t, that might explain a lot). However, the future-tense in this statement (“would be an example of that,” “looking to add”) certainly seems to suggest that the position was never actually filled.
The Colonial attack comes at a time when lawmakers are currently looking to improve overall cybersecurity for critical infrastructure. The Biden administration and Congress have both proposed varying solutions to make the country’s resources more secure. There’s no doubt that the sight of America’s largest oil pipeline being paralyzed by online extortionists will likely have some effect on those decisions. In the meantime, if you’re a security professional who wants a “a great place to work, where people matter most, and where safety 24/7 is paramount,” you can apply right here.