About the Role
We are seeking a highly motivated and experienced Senior IT & OT Security Engineer to join our dynamic security team. You will play a pivotal role in protecting our organization’s IT and OT systems from cyber threats by developing, implementing, and maintaining a comprehensive security program. This role requires a unique blend of IT security knowledge and understanding of OT specific security principles.
Responsibilities
- Design, implement, and manage a holistic IT/OT security program that addresses vulnerabilities and risks across both IT and OT environments.
- Conduct regular security assessments and penetration testing to identify and remediate vulnerabilities in IT systems (networks, applications, servers) and OT systems (industrial control systems, SCADA).
- Design and implement a secure IT/OT architecture, including network segmentation, firewalls, access controls, and specific OT security measures.
- Develop, enforce, and maintain security policies, procedures, and best practices for both IT and OT domains.
- Oversee incident response activities for both IT and OT, including detection, containment, eradication, and recovery, ensuring business continuity and minimal disruption.
- Stay up-to-date on the latest IT and OT security threats and trends to maintain a proactive security posture.
- Deliver security awareness training programs to educate IT and OT personnel on best practices and potential threats specific to their domains.
- Manage and maintain IT and OT security tools and technologies, ensuring optimal performance and effectiveness.
- Collaborate effectively with IT and OT teams to integrate security considerations seamlessly into operational procedures.
- Report on the organization’s overall security posture and key security metrics to senior management.
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or a related field (Master’s degree a plus).
- Minimum 7+ years of experience in IT security with a strong understanding of OT security principles.
- Proven track record of developing and implementing successful IT/OT security programs.
- In-depth knowledge of IT security best practices, standards, and frameworks (e.g., NIST Cybersecurity Framework) and familiarity with OT security frameworks (e.g., ISA/IEC 62443).
- Experience in conducting security assessments and penetration testing methodologies for both IT and OT systems.
- Excellent communication, collaboration, and interpersonal skills.
- Ability to thrive in a fast-paced environment, manage multiple priorities, and work independently while also leading and motivating a team.
- Strong analytical and problem-solving skills.
Preferred Skills
- Experience in relevant industries (e.g., manufacturing, utilities, energy) a strong plus.
- Certifications in IT security (e.g., CISSP, CISA) and OT security (e.g., GSEC, SSCP) highly desirable.
- Working knowledge of IT and OT architectures and protocols.
- Experience in incident response and disaster recovery planning for both IT and OT environments.
- Experience with scripting languages (e.g., Python, Bash) for security automation.
