Operational Technology Security Engineer Secret or Top Secret

About The Position

Requirements

• Seven (7) years of relevant OT Cybersecurity experience
• Experience with OT communication protocols: Modbus/TCP, EtherNet/IP, IEC 61850, ICCP, DNP3, BACnet
• Strong understanding of OT systems: SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices
• Knowledge of secure OT network architectures: segmentation, firewalls, IDS/IPS, and network monitoring solutions
• Experience managing software and firmware updates for OT devices while minimizing operational disruption
• Proficiency with OT-relevant cybersecurity frameworks: NIST CSF, ISA/IEC 62443, NERC CIP
• Familiarity with DoD cybersecurity requirements: STIGs, TCG configuration guides, IAVMs, and Task Orders
• Experience preparing environments for DoD cybersecurity inspections (CCRI, CORA)
• Ability to develop, maintain, and validate cybersecurity artifacts and documentation
• Knowledge of vulnerability scanning and asset visibility tools: ACAS, Nessus, Qualys, Forescout EyeInspect
• Updates and tracks POA&M entries - documents findings, logs remediation, keeps milestones current
• Experience performing OT-specific risk assessments, identifying threats, vulnerabilities, and operational impacts
• Experience deploying and tuning security monitoring solutions for OT environments including anomaly detection
• Ability to develop and implement OT-specific incident response plans
• Ability to build automated workflows for vulnerability remediation, compliance checks, or reporting
• Experience bridging IT and OT cybersecurity requirements to ensure aligned policies and protections
• Security+, or CCNA-Security, or CySA+
• ICS300 or relevant OT/ICS Cybersecurity Certifications

Nice To Haves

• GICSP (GIAC Global Industrial Cyber Security Professional) - preferred
• ISA/IEC 62443 Cybersecurity Certificate
• GRID (GIAC Response and Industrial Defense)
• GCIP (GIAC Critical Infrastructure Protection)
• CSSA (IACRB Certified SCADA Security Architect)
• Forescout or EyeInspect Experience or FCNSA certification

Responsibilities

• Assist with identification, classification, and prioritization of OT security and vulnerability-related efforts
• Work with stakeholders on remediation of OT vulnerabilities
• Review OT vulnerability reports for known assets and devices
• Coordinate fixes and updates for edge device vulnerabilities
• Ensure correct teams are notified of OT vulnerability issues with their edge devices
• Coordinate reviews of unknown OT assets and devices with application owners
• Investigate and coordinate reviews of unreachable OT devices and assets
• Document or assist in documentation of OT vulnerabilities and required cybersecurity documentation
• Conduct vulnerability assessments across OT/IT networks, databases, applications
• Provide risk-based mitigation strategies tailored to OT operational constraints
• Deploy and tune Forescout EyeInspect and other OT security monitoring solutions
• Produce analytics and trend reports for leadership and inspection teams

Benefits

• Support to achieve professional certifications and degrees
• Leadership that is accessible to all employees
• Regular company updates
• Client networking social engagements
• Monthly team-building activities (past examples: Top Golf)
• Supporting our community - including veterans