Security Specialist Principal (Operational Technology)

American Electric Power, Columbus, OH

About The Position

At AEP, we’re more than just an energy company! We’re a team of dedicated professionals committed to delivering safe, reliable, and innovative energy solutions. Guided by our mission to put the customer first, we strive to exceed expectations by listening, responding, and continuously improving the way we serve our communities. If you're passionate about making a meaningful impact and being part of a forward-thinking organization, this is the company for you!

Responsible for enterprise-wide cybersecurity initiatives focused on protecting industrial control systems and operational technology. Provide direction to team members and lead efforts in the review, evaluation, and recommendation of emerging security technologies relevant to critical infrastructure. Lead and participate in security incidents and projects, directing assignments that enhance the security posture of the organization. Demonstrate advanced problem-solving and decision-making skills, along with deep knowledge of the cybersecurity landscape, particularly in industrial environments. Frequently involved in the implementation, support, and utilization of technical solutions tailored to safeguard operational technology. Mentor team members and provide functional and technical guidance to ensure effective security practices are upheld.

Requirements

  • Education: Bachelor's degree; OR Associate's degree with 2 years relevant experience in system administration/help desk/security (cyber or physical); OR High School Diploma/GED with 4 years relevant experience in IT system administration/help desk/security (cyber or physical); OR graduation from an approved Cybersecurity Program; alternatively may have non-degree qualifications (such as hands-on demonstrated ability in a technical interview/assessment).
  • Experience: 4 or more years of Information Technology related experience; OR 2 or more years of security related experience, which may include military/government work experience in addition to any experience identified above.

Nice To Haves

  • Demonstrable experience in one or more of the following disciplines: Incident Response Analyst; CIRC/SOC Lead; Threat Intelligence or Counterintelligence Analyst; Cyber Threat Hunting Analyst; Malware Reverse Engineer; Operational Technology Specialist, particularly in securing industrial control systems and related environments.
  • Certifications: CSFA, GCCC, GCDA, GCED, GCFA, GCFE, GCIA, GCIH, GCIP, GCTI, GDAT, GICSP, GMON, GOSI, GREM, GRID, GSOM, GXPN; OSCP, OSEE; CERT Incident Response Process Professional; CREST Certified Host Intrusion Analyst; CREST Certified Incident Manager; CREST Certified Malware Reverse Engineer; CREST Certified Network Intrusion Analyst.

Responsibilities

  • Lead the Cyber Intelligence & Response Center (CIRC) in the prevention and identification of, and response to, cyber threats across IT, OT, and cloud environments.
  • Analyze logs, network traffic, endpoint telemetry and various other data sources to support investigations.
  • Execute containment, eradication, and recovery steps in coordination with stakeholders while balancing safety and operational continuity in industrial systems.
  • Investigate incidents and produce concise response plans and after-action reports covering containment, eradication, recovery, evidence preservation, remediation, and root cause analysis.
  • Contribute to tabletop exercises, simulations and readiness activities focused on cyber events affecting operations.
  • Participate in the development and refinement of playbooks, runbooks, and response procedures.
  • Analyze cyber threat intelligence products to assess impacts on critical infrastructure.
  • Coordinate incident response efforts with U.S. government agencies and industry peers.
  • Collaborate on cyber threat and security best practices with government and industry partners.
  • Maintain expertise in OT protocols, ICS, and SCADA systems for comprehensive threat detection.
  • Maintain familiarity with SIEM platforms and network analysis tools used in OT environments.
  • Conduct forensic analysis of host and network events to support investigations.
  • Prepare and deliver engaging cyber threat briefings to diverse audiences.
  • Reverse engineer malware to understand threats targeting industrial control systems.
  • Communicate security challenges effectively to senior leadership.
  • Promote diversity and ensure team members receive training for skill development.
  • Create presentations on cybersecurity topics and simplify complex concepts.
  • Formulate solutions for advanced security challenges and identify process improvements.
  • Motivate the team to learn about security trends and foster professional growth.