OT/ICS Cybersecurity & Network Security Engineer
Tasks
- Apply security controls and best practices for OT ICS environments
- Assess risk for OT ICS IoT hardware and software
- Configure firewall rules and VLANs for OT networks
- Coordinate with vendors and internal teams on OT system changes
- Ensure minimal disruption to critical operational systems
- Evaluate design and implement security solutions aligned to NIST SP 800-82 and IEC 62443
- Identify obsolescence configuration gaps and security weaknesses
- Implement network segmentation and secure remote access
- Maintain IP addressing device inventories and configuration records
- Maintain system documentation diagrams and inventories
- Monitor OT network traffic for anomalies and unauthorized activity
- Participate in incident investigations involving OT systems
- Perform vulnerability assessments for OT ICS IoT assets
- Recommend security improvements aligned to cybersecurity frameworks
- Review OT network architectures for segmentation zoning conduits and DMZ
- Review administrative technical and cybersecurity controls
- Serve as ICS OT IoT SME
- Support PLCs RTUs HMIs SCADA BMS BAS and control systems
- Support troubleshooting root cause analysis and recovery efforts
- Support upgrades migrations and modernization of OT environments
- Support vulnerability remediation for OT assets
- Translate OT operational needs into IT security requirements
Perks/Benefits
- 401k match
- Dental insurance
- Employee development program
- Employee referral program
- Medical insurance
- Paid time off
- Paid training
- Remote work
Skills/Tech-stack
800-82 | BAS | BMS | CPS | Capture analysis | Cause analysis | Configuration Management | Cybersecurity frameworks | DMZ | Device inventory | Firewall | HMI | ICS | IDS | IEC 62443 | IP Address Management | IP address | IPS | ISA-99 | Incident Response | IoT | Log Analysis | NIST SP | NIST SP 800 | NIST SP 800-82 | Network Monitoring | Network Segmentation | Network zoning | PLC | Packet Capture | Packet capture analysis | Purdue Model | RTU | Remote Access | Risk Assessment | Root Cause Analysis | Root cause | SCADA | SP 800-82 | Secure remote access | VLAN | Vulnerability Assessment
Education
Related jobs
-
Systems Engineer USD 141K-236KAccountability | Authentication | Authorization | Configuration Management | CryptographyHealth insurance | Holiday pay | Learning and development | Life insurance | Long-term disabilityMid-level Full TimeUSA-MD-Fort Meade11h ago
-
Network Security Engineer, Infrastructure USD 161K-225KAccess Control | Access Control Lists | Anomaly Detection | BGP | Cause analysisSenior-level Full TimeDenver, CO | Menlo Park, CA …12h ago
-
Network Engineer, Operations & Support USD 133K-190KAI Automation | Agent Orchestration | Alerting | Analytics | AuditingTeam oncall rotation | Travel opportunitiesSenior-level Full TimeDenver, CO12h ago
-
Security Engineer (Embedded & Networking) USD 130K-180KAPI | Access Control | Access Management | Application Firewall | Authentication401k plan | Dental coverage | Disability insurance | Employee stock purchase plan | Life insuranceMid-level Full TimeHawthorne, CA21h ago
-
Security Engineer (Embedded OT) USD 130K-180KAccess Control | Access Management | Application Firewall | Automation | Best practices401k retirement plan | Employee stock purchase plan | Health, dental, and vision insurance | Life insurance | Long-term disability insuranceMid-level Full TimeCape Canaveral, FL21h ago
-
AWS | Access Management | Asset Inventory | Automation | AzureSenior-level Full TimeMD Bethesda Office, United States23h ago
-
Lead Cyber Security Engineer USD 101K-135KAttack Data Analysis | Cybersecurity | Data Analysis | Enterprise systems | Hardware Troubleshooting401k | Dental benefits | Employee discounts | Free meals | Free parkingSenior-level Full TimeHome Office - US, NV, United …23h ago
-
Access Management | Authentication | Business Continuity | Cloud Access Security Broker | Cloud SecureDisability benefits | Hybrid work schedule | Life insurance | Paid time off | Parental leaveSenior-level Full Time142019-NC-300 South Brevard, Charlotte, United States23h ago
-
Senior Software Engineer, Cloud Platform USD 150K-190KAccess Control | ArgoCD | CI/CD | Cassandra | Cause analysis401k match | Dedicated learning budget | Dental insurance | Discrete Time Off Policy | Flexible spending accountSenior-level Full TimeUnited States (Remote); R1d ago
-
DevSecOps Engineer USD 150K-185KAPI Gateway | AWS | Azure DevOps | CI/CD | CNAPPCompany paid life insurance | Company-paid disability insurance | Discount program | Flexible spending account | Flexible vacationSenior-level Full TimeLenexa, Kansas R1d ago
-
Senior Product Security Engineer USD 150K-175KAPI Security | Application Security | Authentication | Authorization | C#Clearance eligibility | Health insurance | Professional development | Retirement plansSenior-level Full TimeHuntington Beach, CA1d ago
-
Principal Systems Developer - DevSecOps USD 144K-205KAIX | Bash | C plus plus | C# | CI/CD401k profit sharing | Dental insurance | Life insurance | Long-term disability | Medical insuranceSenior-level Full TimeBoston, MA1d ago
-
Security Engineer USD 266K-395KCode review | EDR | Evidence collection | Go | Incident Response401k plan | Commuter stipend | Flexible paid time off | Health, dental, vision coverage | Wellness stipendSenior-level Full TimeSan Francisco Office (Fremont St)1d ago
-
Senior Application Security Engineer USD 140K-186K.NET | AI Security | AI Tooling | Application Reverse Engineering | Application Security401k match | Dental insurance | Discount programs | Employee assistance program | Free parkingSenior-level Full TimeCharlotte, North Carolina, United States; Virtual R1d ago
-
Systems Engineer Junior Level- Part-Time USD 140K-172KAccess Control | Architecture SOA | Authentication | Availability | Confidentiality401k plan | Career development | Federal Holidays | Flexible spending account | Health savings accountEntry-level Part TimeFort Meade, MD, US1d ago
-
Principal Cybersecurity Engineer USD 160K-210KAir-gapped | Air-gapped networks | Bare Metal | Command Systems | CryptographySenior-level Full TimeLong Beach, CA1d ago
-
Cybersecurity Engineer USD 125K-140KAccess Controls | Access Management | Cloud Security | Endpoint Security | Endpoint protectionMid-level Full TimeEl Segundo, CA, 90245-2813, USA1d ago
-
Principal Cybersecurity Engineer USD 150K-200KAir Gapped Security | Air-gapped | Cryptography | DevSecOps | Embedded SystemsSenior-level Full TimeLittleton, CO1d ago
-
Senior Cybersecurity Engineer USD 158K-175KAWS | Access Management | Azure | CIS Controls | Cloud SecuritySenior-level Full TimeEl Segundo, CA, 90245-2813, USA1d ago
-
Security Engineer / Information Technology USD 77K-95KAccess Management | Active Directory | Application Management | Audit Log | Audit LogsMid-level Full TimeUnited States1d ago
-
Cloud Engineer USD 104K-154KAWS | Alerting | Automation | Bash | CloudWatchHybrid work | On-call rotation | Remote workMid-level Full TimeRemote (United States) R1d ago
-
Senior Network Engineer - Network Security USD 114K-152KAWS | AlgoSec | Arista | Arista Networks | AzureSenior-level Full TimeUnited States1d ago
-
Channel Sales Engineer - Security, AI USD 114K-152KAWS | Attack surface | Attack surface management | Azure | BashMid-level Full TimeUS - Remote - Atlanta - … R1d ago
-
Sr. Security Engineer USD 175K-220KAPI Security | Access Management | Alerting | Application Security | CCPASenior-level Full TimeNew York1d ago
-
Lead Security Engineer [Multiple Positions Available] USD 175K-186KAPIs | Ansible | Automated remediation | CI/CD | Cause analysisBackup childcare | Financial coaching | Health care coverage | Mental health support | On Site Health Wellness CentersSenior-level Full TimePlano, TX, United States1d ago