Job Purpose

The OT Security Engineer will be responsible for designing, implementing, and maintaining security measures for OT environments. The role will be protecting operational technology (OT) systems, industrial control systems (ICS), and critical infrastructure from cyber threats by evaluating OT environments and providing expert advice on architecting and implementing security according to best practice and industry standards. The OT Security Engineer will also be responsible on aligning IT/OT and security efforts to improve incident response, remediation and risk mitigation strategies, improving the overall collaboration and effectiveness of the security program.

In this position you will have the opportunity to:

• Conducting risk assessments and vulnerability analyses to identify and mitigate potential security threats in OT systems
• Developing secure network architecture designs in the mill network and infrastructure, including firewalls, intrusion detection/prevention systems, and network segmentation
• Evaluating OT systems and networks for cyber risks and remediation activities
• Assess and support implementation of OT cybersecurity monitoring solutions.
• Developing and enforcing security policies, procedures, and best practices for OT environments
• Performing security assessments, including physical security walk-downs, technical configuration reviews, and personnel interviews
• Overseeing incident response activities for OT systems, including detection, containment, and recovery
• Collaborating with IT and OT teams to integrate security considerations into operational procedures
• Staying up-to-date with the latest OT security threats, trends, and industry standards

What do I need to be successful?

• 4+ years of experience with OT, ICS, or SCADA technology, cybersecurity, and risk management frameworks
• Strong knowledge of industry standards and federal guidance for securing ICS and SCADA systems (e.g., NIST CSF, NIST 800-82, IEC 62443)
• Experience with security technologies, vendors and types of ICS and SCADA equipment and network protocols
• Ability to analyze and suggest recommended improvements to industrial control system architecture to meet industry standards and best practices
• Experience identifying and communicating security exposures, incidents, or noncompliance situations to the information systems security manager or appropriate group
• Proficiency in network security, cryptography, and authentication systems
• Excellent analytical, problem-solving, and communication skills
• Experience with Windows, UNIX, and Linux operating systems
• Experience with networking concepts and technologies, including TCP/IP, routers, switches, and network-connected devices
• Possession of excellent research and analytical skills

Education

• Bachelor's degree or equivalent in Cybersecurity, Information Technology, Engineering, or a related field
• Certified Automation Professional (CAP), Certified Control Systems Technician (CCTS), Global Industrial Cyber Security Professional (GICSP), or other ICS-related certification preferred

Work Environment

• This position will work at home and in our Nashville office on a hybrid schedule

#LI-HYBRID