Compliance Engineer

Job Title: Compliance Engineer

Location : Cambridge MA

Duration : Long Term contract

Job Description:

• Minimum 5+ years of experience in cybersecurity, with at least 2-3 years directly focused on OT/ICS security and compliance."].

• Strong understanding of industrial control systems (ICS) and Operational Technology (OT) environments (e.g., SCADA, DCS, PLC, RTU, HMI).

• In-depth knowledge of cybersecurity principles and best practices applicable to both IT and OT.

• Proven experience with relevant compliance frameworks and standards (e.g., ISA/IEC 62443, NIST CSF, NERC CIP).

• Experience with network security (firewalls, IDS/IPS, VPNs), endpoint security, and identity and access management (IAM).

• Familiarity with common industrial communication protocols (e.g., Modbus, OPC, DNP3, Ethernet/IP).

• Ability to conduct risk assessments, vulnerability analyses, and implement mitigation strategies.

• Excellent analytical, problem-solving, and critical thinking skills.

• Strong verbal and written communication skills, with the ability to explain complex technical concepts to diverse audiences (IT, OT, Management).

Preferred Skills and Qualifications:

• Relevant industry certifications (e.g., GICSP, GRID, CISA, CISSP, CySA+, CEH, ISA/IEC 62443 Certifications).

• Experience with specific security tools used in IT/OT environments (e.g., Claroty, Nozomi Networks, Dragos, Tenable.ot).

• Experience with cloud security principles as they relate to OT integration.

• Knowledge of scripting languages (e.g., Python, PowerShell) for automation of security tasks.

• Familiarity with ITIL or other IT service management frameworks.

• Prior experience in [Your specific industry, e.g., Power Generation, Manufacturing Automation, Water Treatment].