OT Security Engineer
Tasks
- Contribute to cybersecurity program aligned to CIS Controls and NIST CSF and IEC 62443 and ISO 27001
- Deliver OT security awareness training for operators technicians and vendor partners
- Deploy and tune endpoint detection and response in OT environments
- Design and implement OT network segmentation between site SCADA control and enterprise zones
- Develop and run tabletop exercises and maintain incident response playbooks
- Establish enforce and review security requirements for SCADA inverter and BESS OEMs and field service vendors
- Integrate OT telemetry and security logs into centralized monitoring and tune detections for ICS protocols
- Maintain BES cyber system asset inventories and categorization evidence
- Maintain NERC CIP low impact compliance controls for BES cyber systems
- Maintain NERC CIP low impact supply chain risk management evidence
- Maintain hardened baselines and configuration control for OT systems and network equipment
- Own secure remote access for vendors and staff using jump hosts MFA session recording and just in time access
- Participate in self certifications internal control testing and external audits
- Run vulnerability assessment and coordinate OT patch mitigation cycles
- Support NERC CIP incident reporting workflows and information protection requirements
- Triage and lead response for OT security events
Perks/Benefits
- 401k matching
- Company holidays
- Dental insurance
- Health insurance
- Paid time off
- Vision insurance
- Work from home
Skills/Tech-stack
Asset Inventory | CIS Controls | CIS Controls v8 | Certificate-based authentication | Configuration Management | Cybersecurity compliance | DNP3 | Detection tuning | EDR | Endpoint hardening | HMI | ICS Security | IEC 62443 | ISO 27001 | Incident Response | Industrial Firewalls | Jump Host | Just-in-Time | Just-in-Time Access | Logging | MFA | Modbus | NERC CIP | NIST CSF | Network Segmentation | OT DMZ | OT Security | PLC | Patch Management | RTAC | RTU | Removable Media | Removable Media Controls | Risk Management | Routing | SCADA Security | SCADA protocols | SEL | SIEM | Session Recording | Supply Chain | Supply chain risk | Supply chain risk management | Switching | TCA controls | Tabletop Exercises | VLAN | Vulnerability Assessment
Education
Bachelor of Engineering | Bachelor of Science | Bachelor of Science in Computer Engineering | Bachelor of Science in Cybersecurity | Bachelor of Science in Electrical Engineering
Roles
Related jobs
-
Senior Security Engineer, GRC Automation USD 144K-214K800-53 | AI | APIs | AWS IAM | Automation401k | Dental insurance | Equity grant | Health insurance | Paid time offSenior-level Full TimeRemote (United States | Canada) R8h ago
-
Security Engineer - Vuln Management (Infra) USD 210K-270KCI/CD | CIS Benchmarks | CSPM | CVSS | Checkov401k program | Autonomous work environment | Commuter benefits | Flexible time off | Health, dental, vision, and life insuranceMid-level Full TimeFoster City, CA9h ago
-
DevOps Engineer USD 129K-171KAgile | Air-gapped | Air-gapped networks | Ansible | Argo CDHealth insurance | Paid time offMid-level Full TimeReston, Virginia, United States10h ago
-
Cyber Security Engineer (Job 1354) USD 132K-140K800-171 | 800-37 | 800-53 | AI Security | AWS401k matching | Education assistance | Learning and development | Medical/Dental/Vision | PTOMid-level Full TimeBethesda, Maryland11h ago
-
Security Engineer - Governance Risk Compliance USD 100K-228K800-171 | 800-53 | ACAS | Authorization and Assessment | CMMC401k plan | Dental insurance | Discounts | Health insurance | Life insuranceMid-level Full TimeNew York, NY; Palo Alto, CA; …11h ago
-
Security Operations Engineer II USD 165K-200KAWS | Azure | Bash | Cause analysis | Cloud Security401k | Dental insurance | Flexible time off | Health insurance | Paid parental leaveSenior-level Full TimeLos Angeles, California, United States16h ago
-
Threat Emulation Engineer - Blue/Purple Team USD 110K-160KAdversary TTPs | Attack Simulation | Bash | Breach and Attack Simulation | CybersecurityCorporate holidays | Flexible time off | Group dental insurance | Group medical insurance | Healthy mobile phone allowanceSenior-level Full TimeChantilly, VA16h ago
-
Enterprise AI Security Engineer (ISSE) USD 116K-243KAccess Control | Access Management | Assessment and Authorization | Classification Aware Access Control | Continuous MonitoringSenior-level Full TimeArlington, VA17h ago
-
DevSecOps Engineer USD 116K-243KArgoCD | Atlassian N/A | Bill of Materials | CI/CD | Compliance AutomationSenior-level Full TimeArlington, VA17h ago
-
Principal Engineer, DevSecOps USD 145K-175KABAC | AI Security | AI gateway | AWS | Advanced SecuritySenior-level Full TimeLas Vegas, NV17h ago
-
Security Operations Engineer II USD 165K-200KAWS | Automation | Azure | Behavioral analytics | Cause analysis401k | Dental insurance | Flexible time off | Health insurance | Paid parental leaveSenior-level Full TimeNew York, New York, United States18h ago
-
Information Security Engineer, Bare Metal USD 230K-310KAnsible | AppArmor | Audit Logging | BMC Security | BMC firmwareHealth, dental, and vision insurance | Paid time off | Retirement or pensionSenior-level Full TimeNew York, NY18h ago
-
Systems Engineer L4 USD 110K-140KComputer networks | Cybersecurity | Data Analysis | Data Modeling | ElasticFull-time position | Work at customer locationMid-level Full TimeAnnapolis Junction, United States19h ago
-
Network Security and Firewall Engineer - City USD 86K-132KACLs | Access Control | Access Control Lists | Detection and prevention systems | Event managementBenefits package | Health and wellness | Professional development | Retirement contributions | Work-life balanceSenior-level Full TimeOklahoma City, OK, United States1d ago
-
Cyber Data Analysis Engineer USD 82K-172KAWS | Ansible | ArcSight | Bash | Bash ScriptingFlexible time offMid-level Full TimeBRB SPRINGFIELD VA, United States1d ago
-
Information Systems Security Engineer USD 75K-158K800-171 | 800-37 | 800-53 | Amazon Web Services | Amazon Web Services (AWS)Continuing education | Family support benefits | Flexible time off | Healthcare | Learning and development resourcesMid-level Full Time606 KING OF PRUSSIA PA, United …1d ago
-
Sr. SailPoint Engineer- ISC & IIQ | Remote, USA USD 134K-197KAPI | Access Approvals | Access Profiles | Access requests | Active DirectoryProfessional training resources | Remote work | Volunteer opportunities | Work-life balanceSenior-level Full TimeKansas, United States R1d ago
-
AI Security Engineer USD 100K-150KAccess Management | Adversarial Machine Learning | Application Security | Authorization | CryptographyCareer growth | Remote workSenior-level Full TimeUnited States - Remote R1d ago
-
Oracle Cloud Security Engineer USD 100K-150KBash | CIS Benchmarks | Cloud Guard | Cloud infrastructure | Compliance ManagementMid-level Full TimeUnited States - Remote R1d ago
-
Cybersecurity Engineer USD 68K-137KActive Directory | Configuration baselines | Container Security | Docker | EDRMid-level Full TimeCollege Park, MD, United States1d ago
-
Cybersecurity Engineer, Mid-level - SBG USD 120K-140K800-53 | CI/CD | CNSSI 1253 | Cloud Computing | Communications SystemsMid-level Full TimeEl Segundo, CA, USA1d ago
-
Information Security Sr Advisor - Automation Engineer USD 129K-198KAPI Integration | AWS | Access Control | Amazon SNS | Amazon SQS401k match | Dental insurance | Financial education resources | Life insurance | Long-term disabilitySenior-level Full TimeIN-INDIANAPOLIS, 220 VIRGINIA AVE, United States1d ago
-
AWS | AWS Lambda | Access Control | Amazon EKS | Application Security401k match | Dental insurance | Hybrid work schedule | In office 1 to 2 days per week | Medical insuranceSenior-level Full TimeIN-INDIANAPOLIS, 220 VIRGINIA AVE, United States1d ago
-
Senior Information Security Engineer Sunrise Validations USD 119K-196KAccess Management | Application Security | Audit management | Business Continuity | Cloud SecurityHybrid work scheduleSenior-level Full Time141278-NC-CIC Customer Information Ctr, United States R1d ago
-
AWS | Azure | CIS Benchmarks | Database security | DevSecOps401k plan | Hybrid work schedule | No visa sponsorship | Paid time off | Relocation assistance not availableMid-level Full Time141278-NC-CIC Customer Information Ctr, United States1d ago