OT Cybersecurity Engineer (TWIC)

Overview

On Site
$90 - $100
Contract - W2
Contract - 12 Month(s)
100% Travel

Skills

TWIC
Purdue Model

Job Details

Position: OT Cybersecurity Engineer Purdue Level 1/2 Zoning & Firewall Design


Location: Baton Rouge, LA


Job Type: Contract (12 Months)


End Client: ExxonMobil


Role Overview:
We are seeking a highly skilled Operational Technology (OT) Cybersecurity Engineer with deep
expertise in industrial control system (ICS) security architecture, focusing on Purdue Model
Level 1 and Level 2 zoning, firewall configuration, and secure network segmentation within
complex refinery and chemical processing environments. The ideal candidate will possess
hands-on experience designing and implementing OT cybersecurity zones and controls that
comply with NIST 800-82, ISA/IEC 62443, and other industry best practices. This role requires
both technical acumen and the ability to perform detailed on-site assessments, vulnerability
analysis, and operational risk mitigation in highly secure industrial facilities.
Key Responsibilities:
OT Network Security Architecture & Firewall Design
Develop and implement Purdue Model Level 1/2 network zones including secure
segmentation of ICS devices (PLCs, HMIs, RTUs) from enterprise IT systems.
Build, review, and maintain detailed firewall rulesets using vendor platforms such as
Palo Alto, Fortinet, ensuring least privilege access and protocol listing.
Design and deploy DMZs, data diodes, and read-only gateways to enable secure oneway data flow between OT and IT domains, preventing lateral movement of threats.
Collaborate with network and OT engineers to design resilient, redundant, and fail-safe
architectures in compliance with industry standards.
Onsite Security Assessments & Asset Discovery
Conduct comprehensive plant walkthroughs to assess OT network topology, device
configurations, and physical security controls.
Perform asset discovery and classification using tools like Tenable OT, Dragos, or other
ICS vulnerability scanners.
Identify and document vulnerabilities, risks, and compliance gaps, producing actionable
reports and mitigation plans for OT teams.
Work closely with process and maintenance personnel to align cybersecurity initiatives
with operational requirements and constraints.
Automation, Monitoring & Incident Response
Develop and maintain PowerShell and Python scripts for automated log monitoring,
anomaly detection, and incident alerting across OT infrastructure.
Integrate log sources into Security Information and Event Management (SIEM) platforms
while ensuring OT-specific telemetry is correctly interpreted.
Support incident response efforts by performing root cause analysis and remediation for
OT-related cybersecurity events.
Compliance & Standards Alignment
Apply NIST 800-82, ISA/IEC 62443, CISA energy sector guidelines, and other relevant
cybersecurity frameworks to ensure regulatory compliance.
Prepare and maintain technical documentation including firewall policies, network
diagrams, asset inventories, and cybersecurity policies tailored for OT environments.
Liaise with third-party auditors and regulators during cybersecurity audits and
assessments.
Must-Have Qualifications & Skills:
Minimum 10+ years of experience in industrial control system (ICS) cybersecurity,
specifically within energy, oil & gas, or chemical sectors.
Proven track record designing and implementing Purdue Model Level 1 and 2 zones,
secure firewall configurations, and DMZ architectures in OT environments.
Expertise configuring and managing firewalls and network security appliances from
Palo Alto, Fortinet, or equivalent platforms in ICS/OT settings.
Hands-on experience with asset discovery and vulnerability assessment tools such as
Tenable OT, Dragos, Claroty, or Nozomi.
Proficient in PowerShell and Python scripting for automation of security monitoring and
operational controls.
Strong understanding of ICS protocols (Modbus, DNP3, OPC-UA) and OT network
architectures.
Excellent communication skills for cross-team collaboration and report writing.
TWIC Card strongly preferred for secure site access.
Preferred Skills & Certifications:
Certifications such as GICSP (Global Industrial Cyber Security Professional), ISA/IEC
62443 Cybersecurity Expert, CISSP, or CEH.
Familiarity with SIEM tools like Splunk, QRadar, or ArcSight integrated with OT telemetry.
Experience with ICS Incident Response, digital forensics in OT environments, and
industrial malware detection techniques.
Prior experience working with similar large energy/refining companies.
Work Environment & Travel:
Role requires onsite presence in Baton Rouge, LA, with frequent field visits to
chemical/refinery plant areas.
Must adhere to all safety, security, and operational protocols, including wearing proper
PPE and following plant access procedures.
Will be required to participate in shift work, emergency on-call rotations, and incident
response drills as necessary.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.