Remote Operations Center OT Security Analyst

Black & Veatch Family of Companies•Olathe, KS

2d•Onsite

About The Position

An Operational Technology (OT) Security Analyst protects critical industrial systems (ICS/SCADA) from cyber threats by monitoring networks, managing vulnerabilities in PLC/HMI devices, and enforcing security policies. They bridge the gap between IT security and physical operations, often implementing, troubleshooting, and responding to incidents in specialized industrial environments. Black & Veatch’s Strategic Advisory & Lifecycle Resiliency Services are an integrated portfolio of strategic consulting and operation resiliency services that apply across the client’s entire investment-to-operations lifecycle commitments. Included are Strategic Advisory, Industrial Cybersecurity, and Operating Assets.

Requirements

High School Diploma Required
All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.
Performs functions requiring intermediate knowledge of Control systems cybersecurity as it pertains to distributed energy systems (solar systems) and the use of Intrusion Detection Systems(IDS) such as Dragos, Nozomi, Tenable.
This position should have skills in Microsoft Office applications as well as competencies in various HMI and Operating platform software.

Nice To Haves

3+ years of experience in both IT and industrial, manufacturing, or critical infrastructure environments preferred.
Previous experience related to Battery Storage, Solar, Wind, Simple Cycle Thermal Generation, or Combined Cycle Thermal Generation.
Basic industry knowledge and technology trends
Demonstrated knowledge of Power Plant systems and processes
Basic knowledge of NERC responsibilities
Basic knowledge of construction and constructability practices and principles
Experience with PLC, RTU, or DCS components and protocols.
Familiarity with OT-specific security tools (e.g., Dragos, Nozomi, Claroty).
Understanding of Purdue model network architecture and firewalls.

Responsibilities

Monitor OT/ICS network traffic and system logs to detect, triage, and analyze security threats using specialized tools.
Identify, assess, and prioritize vulnerabilities, working with engineering teams to remediate threats without disrupting production.
Develop and maintain detailed inventories of OT assets, including network diagrams and configurations.
Support incident investigations, evidence collection, and forensic analysis of security breaches within industrial systems.
Interface with multiple parties for identification, diagnosis, and resolution of site operations and maintenance problems, including the site O&M team, site owner, regulatory agencies, site IT team, Remote operators, and B&V leadership.
Engage in multiple aspects of ROC responsibilities including communications with clients as well as internal team members to maintain contractual obligations.
Follow process and procedures for both site-specific projects and the Remote Operations Center.
Stand watch in rotational shiftwork developed in coordination with the ROC Manager.
Assist with Monitoring & Diagnostics (M&D) teams using predictive analytics for proactive monitoring of power generation, renewables, process industries, and generation assets.
Help mentor and develop less experienced team members.
Performs day-to-day execution of assigned OT/ICS security monitoring, analysis, and incident response activities in accordance with procedures, playbooks, and escalation protocols.
Plans and prioritizes assigned work to meet operational requirements and contractual commitments; provides timely status updates and communicates risks, issues, and dependencies to the ROC Manager and relevant stakeholders.
Prepares and maintains accurate and complete records and deliverables (e.g., alerts, incident tickets, reports, procedures, and evidence) consistent with quality standards and applicable regulatory, contractual, and audit requirements.
Identifies opportunities to improve detection coverage, logging, asset inventory accuracy, and operational procedures; recommends and implements approved enhancements in alignment with established change management practices.
Collaborates with OT engineering, site operations and maintenance, and IT/security teams to coordinate remediation and security changes, with consideration for safety, reliability, and production continuity.
May provide guidance, training support, and knowledge sharing to peers; this position does not include formal supervisory responsibilities (e.g., hiring, compensation decisions, performance management, or corrective action).