Operational Technology Security Engineer

Bart & Associates•Fort Belvoir, VA

About The Position

Operational Technology Security Engineer At B&A, we foster and embrace a distinct set of values that we live by and instill in all aspects of our organization: dedication, commitment, partnership, trust, and recognition. We have incorporated these values into successful delivery for our customers since 1988. B&A believes in ensuring its employees feel deeply connected to B&A, recognizing successes and hard work, and providing continuous opportunities to learn and grow. Our people are entrepreneurial thinkers that combine mindset, vision, and experience to drive value – not only to us as an organization, but to the clients we support. We promote a collaborative culture with our clients, and with each other, as one team working towards a common vision. We’d love for you to join our team! Job Summary B&A is seeking an Operational Technology (OT) Security Engineer who will be responsible for supporting cybersecurity initiatives across industrial and operational technology environments. This role focuses on securing OT systems by integrating cybersecurity practices with industrial processes, ensuring compliance with DoD requirements, and supporting the design, implementation, and monitoring of secure OT architectures. The engineer will analyze security requirements, conduct risk assessments, and provide end-to-end security engineering support across the system lifecycle.

Requirements

Minimum of seven (7) years of experience in OT cybersecurity or related field
Hands-on experience with industrial control systems and OT environments
Strong knowledge of OT systems: SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices
Experience with OT communication protocols (Modbus/TCP, DNP3, BACnet, IEC 61850, etc.)
Understanding of secure OT network architectures (segmentation, firewalls, IDS/IPS)
Knowledge of secure remote access solutions for OT environments
Experience with vulnerability scanning tools (ACAS, Nessus, Qualys, Forescout, EyeInspect)
Familiarity with cybersecurity frameworks (NIST CSF, ISA/IEC 62443, NERC CIP)
Understanding of DoD cybersecurity requirements (STIGs, IAVMs, configuration guides)
Experience with patch management and change management processes
Ability to conduct forensic analysis within OT environments
Proficiency in Microsoft Excel, Access, Power BI, and Power Platform
Strong analytical, problem-solving, and research skills
Excellent written and verbal communication skills
Ability to work independently and in team environments
Active DoD Secret Clearance required
Must be eligible for IT-II Non-Critical Sensitive (Tier 3) clearance
DoD 8570 IAT Level II (required), which include one of the following: CompTIA Security+ (CE), CompTIA Cybersecurity Analyst (CySA+), CompTIA SecurityX (formerly CASP+), GIAC Security Essentials Certification (GSEC), and Systems Security Certified Practitioner (SSCP).
ICS300 or equivalent OT/ICS cybersecurity certification
Must be eligible to meet DoD 8140 requirements

Nice To Haves

Experience supporting DoD or federal cybersecurity environments preferred
Forescout certification (preferred/required as applicable)

Responsibilities

Support planning, design, development, testing, integration, and security of OT systems
Analyze and implement OT cybersecurity requirements and controls
Conduct vulnerability assessments across OT/IT systems, networks, applications, and databases
Develop, maintain, and validate cybersecurity documentation and artifacts
Manage and track POA&M entries, including remediation actions and timelines
Perform OT-specific risk assessments and recommend mitigation strategies
Support DoD cybersecurity inspections and ensure environment readiness
Deploy and tune OT security monitoring solutions (IDS/IPS, anomaly detection, etc.)
Develop and implement OT-specific incident response plans
Manage software/firmware updates while minimizing operational disruption
Generate cybersecurity reports, analytics, and trend analysis for leadership
Bridge IT and OT cybersecurity practices to ensure aligned protections
Provide technical recommendations to engineers, operators, and leadership
Support compliance with industry and regulatory cybersecurity standards
Build automated workflows for vulnerability management and reporting

Benefits

B&A is proud to offer three robust individual and family medical plans to full time employees, including a Health Savings Account (HSA) option as well as two tiers of dental coverage, vision, life & AD&D, disability, accident, hospital indemnity, and critical illness insurance.
In addition to these benefits, B&A employees enjoy paid time off, B&A sponsored trainings and certifications, pet insurance benefits, commuter transit benefits and a free subscription to a virtual exercise platform (NEOU).
B&A’s 401(k) plan is available to all employees and includes a company matching contribution.
The B&A Cares program: 30/60/90-day wellness check ins, personal development, financial management, and stress management seminars, and more
A formal mentorship program
Job shadowing and cross training opportunities
Brand Ambassador program
Employee Assistance Program (EAP) - Access to various support resources to include counseling, legal guidance, financial planning, and more
Monthly teambuilding events
B&A Annual Wellness Challenges: #StepWithB&A, #WalkDuringLunchWithB&A, #VolunteeringWithB&A, #ExerciseDuringLunchWithB&A, and more