Junior ICS/OT Cybersecurity Engineer

Sentar is dedicated to developing the critical talent that the connected world demands to create solutions to address the convergence of cybersecurity, intelligence, analytics, and systems engineering. We invite you to join the small business team where you can build, innovate, and secure your career.

Sentar is seeking a Junior ICS/OT Cybersecurity Engineer in Huntsville, AL.

Frequent travel required!

Sentar is seeking a motivated and detail-oriented Junior ICS/OT Cybersecurity Engineer to join our team. This role focuses on the post-construction security hardening of Industrial Control Systems (ICS) and Operational Technology (OT) environments, ensuring compliance with UFGS 25 05 11 standards. The successful candidate will work with fellow Sentar engineers and prime/sub contractor and the government to secure facility-related control systems, implement cybersecurity best practices, and support the Authorization to Operate (ATO) process for mission-critical infrastructure.

Role Description:

Key Responsibilities

• Assist in the post-construction cybersecurity hardening of ICS/OT systems, including PLCs, SCADA, Security Systems, Fire Alarms, Electrical Panels, HVAC, and other control system components.
• Implement security controls and configurations in accordance with UFGS 25 05 11 requirements, including hardening operating systems to configure system boundary protection, access control, and audit logging.
• Run Security Content Automation Protocol (SCAP) scans to assess system compliance and identify vulnerabilities in ICS/OT environments.
• Apply DISA Security Technical Implementation Guides (STIGs) to harden operating systems, applications, and network devices within control system architectures.
• Conduct vulnerability assessments and risk analyses on control systems using various automated and manual techniques to identify and mitigate potential security gaps.
• Collaborate with architecture and engineering teams to ensure cybersecurity measures are integrated into system designs both pre and post-construction.
• Support the development, documentation, and submission of System Security Plans (SSPs), Risk Management Framework (RMF) artifacts, and compliance reports aligned with UFGS standards to achieve and maintain Authorization to Operate (ATO).
• Utilize eMASS to input, track, and manage cybersecurity controls, vulnerabilities, and ATO packages under senior engineer guidance.
• Perform security testing (e.g., system scans, penetration testing, configuration reviews) to validate hardening measures and ensure ATO readiness.
• Stay up-to-date on emerging threats, vulnerabilities, and industry standards affecting ICS/OT environments.

Qualifications:

Clearance Level: Secret

Education: Bachelor’s degree in Cybersecurity, Electrical Engineering, Computer Science, or a related field (or equivalent experience).

Certifications: CompTIA Security+ is required, active CISSP or willingness to obtain within the first year strongly preferred.

Experience:

• Technical Skills:
  • Basic understanding of ICS/OT protocols (e.g., Modbus, DNP3, OPC).
  • Familiarity with cybersecurity frameworks such as NIST 800-53, NIST 800-82, UFGS 25 05 11, and IEC 62443.
  • Familiarity with eMASS for managing RMF workflows and generating/updating ATO documentation.
  • Experience with network security scanning tools (e.g., ACAS, Nessus) and system hardening techniques.
  • Knowledge of Windows and Linux operating systems in industrial environments.
  • CISCO command line interface
• Soft Skills:
  • Strong analytical and problem-solving abilities.
  • Excellent communication skills for documenting findings and collaborating with cross-functional teams.
  • Ability to work under supervision and learn quickly in a multi-project environment.???????

Specific Requirements

• Demonstrated ability or willingness to learn UFGS 25 05 11 compliance requirements, including:
  • Hardening control system components post-construction (e.g., disabling unnecessary services, applying secure configurations).
  • Implementing and securely configuring boundary protection (e.g., firewalls, data diodes) for ICS networks.
• Basic understanding of the ATO process, including preparing systems for assessment, addressing Plan of Actions and Milestones (POA&Ms), and maintaining compliance post-authorization.
• Willingness to travel to project sites as needed for hands-on hardening and validation activities including international.
• Secret Clearance is a requirement. Must be eligible to obtain security clearance or possess an active clearance already.
• Travel is a requirement for this position. Locations for flyaway work can be worldwide and in very remote locations, and can be for up to 3 weeks at a time in rare cases. Common duration is 1 week onsite. Passport holders are preferred.

Preferred Qualifications

• Familiarity with post-construction phases of facility-related control system projects.
• Experience with Risk Management Framework (RMF) or DoD cybersecurity compliance processes, including ATO lifecycle management.
• Hands-on experience using eMASS for control implementation, documentation, or reporting.
• Experience running SCAP scans and applying DISA STIGs in a technical environment.
• Basic scripting skills (e.g., Python, PowerShell) for automation of hardening tasks.

Benefits at Sentar:

In addition to a great culture, Sentar not only fosters an inclusive work environment but also offers an extensive benefits package designed to cater to the well-being of its employees and their families.

• Voluntary Medical, Dental, Vision, with Health Savings or Flexible Spending Plan options
• Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options
• Group Term Life, Short-Term and Long-Term Disability is provided by Sentar to all qualifying employees
• Generous 401(k) match
• Competitive PTO plan that graduates quickly with years of service
• Other leave programs; holiday schedule along with bereavement, jury and military duty
• Mental health awareness programs
• Tuition reimbursement
• Professional development reimbursement
• Recognition and Awards programs

If you are not ready to apply for this position, submit your resume here to join our talent community. We'll keep you updated occasionally on new job opportunities.

Sentar is an Affirmative Action and Equal Opportunity Employer M/F/Vets/Persons with Disabilities

Our culture is one of inclusivity and support. Sentar is proudly an Equal Opportunity and VEVRAA Federal Contractor Employer M/F/Vets/Persons with Disabilities. Follow these links to learn more about your rights: EEO Is the Law Poster; EEO Is Law Supplement; and Pay Transparency.

We want you to build your career at Sentar, so if you are an individual with a disability and require a reasonable workplace accommodation applying for a job or at any point in the employment process, contact the Recruiting Manager at recruiting@sentar.com. Please indicate the specifics of the assistance needed. Thank you for considering Sentar in your employment search.

Build, Innovate, Secure Your Career at Sentar.