OT Cybersecurity Engineer

Applied Control Engineering•Baltimore, MD

About The Position

Applied Control Engineering, Inc. (ACE) is seeking an OT Cybersecurity Engineer to serve as a trusted technical advisor to our customers. In this role, you will contribute to the design, deployment, and hardening of OT networks and systems, driving projects from kickoff to close-out and supporting junior engineers. This is a hands-on engineering role focused on building and securing servers and networks for industrial control systems including documenting system hardening and deploying security tools. This is a high-impact, customer-facing role for someone who thrives at the intersection of cybersecurity and industrial operations. Applied Control Engineering, Inc. (ACE) provides automation solutions to a diverse set of industries, including chemicals, pharmaceuticals, industrial gases, discrete manufactured products, and more. ACE serves our customers out of nine offices in seven states (Colorado, Connecticut, Delaware, Massachusetts, Maryland, Pennsylvania, and Texas). ACE’s vision is for continued growth to meet the automation challenges of America’s manufacturing industries. Our OT cybersecurity practice helps manufacturers protect the computerized devices that make modern industry possible—whether you call them Operational Technology (OT), Industrial Control Systems (ICS), or IoT. We partner with customers from initial risk assessment through implementation, monitoring, and ongoing security operations. Engineers at ACE have become industry leading technical experts, project managers, sales engineers, and engineering managers. ACE is seeking level, passionate engineers to join our team. Would you like to join our team? As a Controls Engineer at ACE, you will join a project team delivering automation projects to customers.

Requirements

Three+ (3+) hands-on experience in industrial networking, system administration in an industrial environment, or a closely related discipline.
Demonstrated expertise with Windows Server, Active Directory, Group Policy, and patching workflows.
Virtualization experience (VMware, Hyper-V).
Strong working knowledge of managed switches, routers, and firewalls (Cisco, Fortinet, Palo Alto, or equivalent)—comfortable with both CLI and GUI configuration.
Experience designing and implementing network segmentation, firewall rule sets, and secure architectures in industrial settings.
Familiarity with OT security frameworks and standards (IEC 62443, NIST SP 800-82, or similar).
Familiarity with process control or other manufacturing processes.
Proven experience in delivering projects to success conclusion.
Ability to handle a project through its entire lifecycle.
Strong written and oral communication skills that allow you to communicate complicated concepts both internally and externally.
Thorough knowledge of business application software (MS Office package).
Displays a positive and professional demeanor.
Demonstrates a flexible and cooperative working style.
Willing to work off-hours when required.
Must possess a valid driver’s license.
Willing to submit to drug testing and/or background checks as mandated for a) employment, and b) customer contract requirements.

Nice To Haves

Industry certifications: GICSP, ISA/IEC 62443 Cybersecurity Certificate, CISSP, CCNA/CCNP, or equivalent.
Direct experience with industrial control systems (DCS, PLC/HMI, SCADA) in manufacturing, utilities, or energy.
Hands-on exposure to OT-specific security tools such as Claroty, Nozomi Networks, Dragos, or Tenable.ot.

Responsibilities

Architect, deploy, and document OT network infrastructure (switches, routers, firewalls, VLANs, DMZs) and Windows server environments that support industrial control systems.
Implement cybersecurity controls—intrusion detection/prevention, endpoint hardening, network segmentation, and secure remote access—aligned with IEC 62443 and NIST CSF frameworks.
Build and maintain Windows environments, including Active Directory, Group Policy, and WSUS patch management.
Conduct OT network and asset assessments: inventory devices, map data flows, identify vulnerabilities, and deliver prioritized remediation roadmaps.
Translate complex risk findings into clear, compelling narratives for both plant-floor operators and executive stakeholders.
Recommend and right-size security solutions that balance operational uptime requirements with cybersecurity best practices.
Work on cross-office and cross-discipline project teams where you may be the only cybersecurity engineer.
Build the skills to mentor junior engineers on OT security principles, network design, and professional development.
Collaborate with project managers to track project statuses and ensure customer satisfaction.