OT Security Engineer

About The Position

Requirements

• 3–5+ years in OT / ICS / SCADA security, industrial cybersecurity, or critical infrastructure security; utility, IPP, or owner-operator experience strongly preferred.
• Bachelor’s degree in Electrical Engineering, Computer Engineering, Cybersecurity, or related discipline, or equivalent demonstrated experience.
• Hands-on experience implementing and evidencing NERC CIP controls, with direct exposure to CIP-002, CIP-003, CIP-008, CIP-011, and CIP-013.
• Working knowledge of OT networking: VLANs, L2/L3 switching and routing, industrial firewalls, DMZ design, jump architectures, and certificate-based authentication.
• Familiarity with common ICS hardware and protocols: PLCs, RTUs, RTACs, HMIs; Modbus, DNP3, SEL.
• Experience with SIEM / logging platforms and tuning detections for OT environments.
• Strong documentation discipline; ability to produce evidence that survives audit scrutiny.
• Clear written and verbal communication; able to translate security requirements into reliability outcomes for plant operations.
• Comfortable with field work, planned outage coordination, and occasional on-call response.
• Valid driver’s license and ability to travel to operating sites as needed.

Nice To Haves

• Preferred certifications: GICSP, ISA / IEC 62443 Cybersecurity Specialist, CompTIA Security+, or CISSP.
• Solar and BESS operations experience, ERCOT market exposure, and prior NERC CIP audit participation are pluses.

Responsibilities

• Design and implement OT network segmentation between site SCADA, control, and enterprise zones across the operating fleet.
• Own secure remote access for vendors and ARI staff: jump hosts, MFA, session recording, and just-in-time access patterns.
• Deploy and tune EDR on plant servers and engineering workstations within OT reliability constraints.
• Maintain hardened baselines and configuration control for site servers, HMIs, RTUs/RTACs, and OT network equipment.
• Run vulnerability assessment and patch / mitigation cycles for OT assets in coordination with site operations.
• Maintain and execute the technical controls required under CIP-003 R2 Attachment 1 (cyber security awareness, physical access controls, electronic access controls, incident response, and TCA / removable media controls) across all Low impact BES Cyber Systems.
• Maintain BES Cyber System asset inventories and categorization evidence (CIP-002).
• Maintain CIP-013 Low impact supply chain risk management evidence for vendors with electronic access.
• Support CIP-008 incident reporting workflows and CIP-011 information protection requirements.
• Participate in self-certifications, internal controls testing, and external audits; produce audit-quality artifacts.
• Establish and enforce security requirements for SCADA, inverter, and BESS OEMs, ISPs, and field service vendors; review remote access requests; approve or deny based on documented policy.
• Drive contractual and technical supply chain controls in partnership with Procurement and Legal, and train vendor personnel on ARI’s OT security expectations and field procedures.
• Integrate OT telemetry and security logs into ARI’s centralized monitoring stack and tune detections for ICS protocols and operational patterns (Modbus, DNP3, SEL).
• Triage and lead response for OT security events; coordinate with site operations, the Compliance team, and the MSSP / enterprise SOC.
• Develop and run tabletop exercises; maintain CIP-008 playbooks and capture post-incident lessons learned.
• Conduct site visits to operating PV and BESS plants for inventories, validations, and control testing.
• Deliver OT security awareness training for operators, technicians, and vendor partners.
• Contribute to ARI’s broader cybersecurity program, aligned to CIS Controls v8, NIST CSF v2, and the in-progress IEC 62443 and ISO 27001 implementations.

Benefits

• 401(k) plan with company matching contribution
• Competitive health, vision, and dental benefits
• Attractive personal time off and company holiday package
• Work-from-home policy
• Salary commensurate with experience