OT Security Specialist

About The Position

Requirements

• Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D.
• Active TS/SCI clearance.
• Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR Relevant DoD/military training (examples: DAF 462 (Intermediate) (ICS); DAF 462 (Intermediate) (CS3‑300)); OR Relevant professional certification or equivalent experience (Certification: Pending Review).
• OT/ICS cybersecurity, network engineering, or control‑systems experience with at least 5+ years leading OT security efforts in industrial or DoD environments.
• Deep expertise in OT protocols, device architectures, segmentation/zoning, secure remote access, and safety‑aware security measures.
• Proven ability to design and validate OT detection use cases, run OT‑specific telemetry analysis, and translate findings into mitigations and POA&Ms.
• Experience leading OT incident response, forensic collection in industrial environments, and coordinating cross‑functional containment/remediation.
• Strong technical writing and briefing skills for decision‑grade technical reports and executive summaries.

Nice To Haves

• Prior DoD/ARNG/critical‑infrastructure OT cybersecurity experience.
• Professional certs (preferred): CISSP; CompTIA CASP+ (CASP+ CE).
• Familiarity with OT monitoring platforms, protocol analyzers, and integration of OT telemetry into SOC/CIRT toolchains.

Responsibilities

• Design, implement, and evaluate OT security controls across ICS, SCADA, DCS, PLCs, and other mission‑critical OT environments.
• Develop OT security architectures, segmentation strategies, and hardening baselines aligned with NIST SP 800‑82, ISA/IEC 62443, DoD, and Army requirements.
• Analyze OT network traffic, device configurations, and protocol behavior to identify security gaps, operational risks, and adversary activity.
• Define high‑value OT log sources, detection use cases, and behavioral analytics to inform monitoring and detection engineering.
• Oversee vulnerability assessments, OT risk evaluations, and red/blue‑team validation exercises to assess defensive resilience.
• Coordinate cross‑team integration with SOC, CIRT, engineering, facilities, RCC‑ARNG, NETCOM, and ARCYBER to align OT cybersecurity with mission needs.
• Lead OT incident response: forensic collection, impact assessment, containment, remediation, and system restoration activities.
• Produce technical reports, architectural recommendations, POA&Ms, and executive briefings to inform enterprise modernization and risk decisions.
• Drive continuous improvement by evaluating emerging OT security technologies, updating baselines, and refining operational workflows for safety and mission readiness.

Benefits

• Overtime
• Shift differential
• Discretionary bonus