OT/IoT Security Engineer

OT/IoT Security Engineer

Protecting critical infrastructure and connected systems through specialized OT and IoT cybersecurity strategies

Position Overview
We are looking for an experienced OT/IoT Security Engineer to lead the protection of industrial control systems (ICS), SCADA environments, and Internet of Things (IoT) devices. This cross-disciplinary role involves assessing and securing operational networks, implementing intrusion detection and segmentation strategies, and mitigating the unique risks associated with connected devices and physical systems.

You will work at the intersection of cybersecurity, industrial automation, and embedded systems to enhance security across both legacy and modern infrastructure.

Key Responsibilities

OT Security

• Assess and secure ICS/SCADA systems, PLCs, and HMIs across manufacturing, energy, or utility environments
• Implement network segmentation, firewall policies, and industrial DMZs to isolate critical systems
• Deploy OT-specific intrusion detection and anomaly detection tools (e.g., Nozomi, Claroty, Dragos)
• Perform risk assessments and develop mitigation plans for OT assets and protocols (Modbus, DNP3, OPC, etc.)

IoT Security

• Secure IoT devices and edge computing nodes from firmware to network layer
• Enforce device identity, secure boot, and patch management for connected assets
• Evaluate IoT ecosystems for vulnerabilities such as hardcoded credentials, unencrypted comms, and weak APIs
• Integrate IoT asset inventories with security monitoring and SIEM systems

Governance, Risk & Compliance

• Align OT and IoT security practices with standards like ISA/IEC 62443, NIST SP 800-82, and ISO 27019
• Support incident response for OT/IoT environments and conduct tabletop exercises
• Collaborate with IT, engineering, and compliance teams to develop unified risk management policies
• Contribute to security architecture reviews and vendor security assessments for OT/IoT platforms

Required Qualifications

• +5 years of experience in cybersecurity, with a focus on OT, ICS, SCADA, or IoT environments
• Strong knowledge of industrial protocols (e.g., Modbus, PROFINET, BACnet, OPC-UA) and embedded systems
• Experience implementing network security for OT/IoT (e.g., segmentation, zoning, anomaly detection)
• Understanding of device-level security principles, including secure firmware, physical hardening, and endpoint protection
• Proficiency in cybersecurity tools (SIEM, IDS, vulnerability scanners) tailored to OT/IoT use cases

Preferred Qualifications

• Certifications such as GICSP, ISA/IEC 62443, CISSP, or CEH
• Experience with IoT security testing tools (e.g., Shodan, Binwalk, MQTT testing tools)
• Familiarity with convergence between IT and OT environments, and Zero Trust principles in OT networks
• Background in critical infrastructure, smart cities, smart buildings, or industrial automation
• Strong documentation, risk reporting, and stakeholder communication skills