The Senior OT/ICS Security Engineer is responsible for securing the critical infrastructure that powers our Client’s industrial operations. Unlike traditional IT security, this role focuses on the availability, safety, and integrity of Operational Technology (OT) environments, including manufacturing plants, control systems, and IIoT devices.
You will be the hands-on expert designing secure network segmentation (Purdue Model), performing deep packet inspection of industrial protocols, and ensuring that PLCs and HMIs are protected against evolving cyber threats without disrupting production.
What you will do:
OT Network Defense & Discovery
- Implement and manage network discovery and anomaly detection solutions specifically designed for industrial environments.
- Perform Deep Packet Inspection (DPI) across critical OT protocols, including Modbus, DNP3, Profinet, OPC UA, and IEC 104.
- Design and deploy secure remote access and micro-segmentation strategies to isolate control networks from enterprise IT environments.
Vulnerability & Risk Management
- Execute technical vulnerability assessments on industrial hardware, including PLCs, HMIs, and embedded systems.
- Lead the remediation of security gaps on the shop floor and in field environments while maintaining high system availability.
- Map industrial security controls to global frameworks such as ISA/IEC 62443 and NIST 800-82.
Industrial Security Architecture
- Collaborate with automation and plant engineers to implement "security by design" in new IIoT and ICS deployments.
- Monitor for lateral movement and industrial-specific threats using specialized OT security monitoring tools.
- Develop and document technical standards for industrial system hardening and incident response in the field.
Tools & Technologies:
- OT Visibility Tools: Experience with Claroty, Nozomi Networks, Dragos, or Microsoft Defender for IoT.
- Industrial Protocols: Deep understanding of Modbus, DNP3, Profinet, OPC UA, and EtherNet/IP.
- Network Security: Industrial Firewalls (Fortinet, Cisco ISA, Palo Alto) and unidirectional gateways (Data Diodes).
- Compliance Standards: Practical application of ISA/IEC 62443 and NIST 800-82.
What you bring:
- 5–8+ years of experience in Cybersecurity, with a primary focus on Industrial Control Systems (ICS) or Operational Technology (OT).
- Technical Depth: Ability to analyze industrial traffic and identify misconfigurations or malicious behavior in non-IT environments.
- Operational Awareness: Deep understanding of the "Safety-First" mindset required when worki