Security Engineer / Nessus SME

Title: Nessus Subject Matter Expert (SME)

Location: Austin, TX (Hybrid)

Job Summary:

We are looking for a Nessus Subject Matter Expert (SME) with specialized experience in Operational Technology (OT) security to lead vulnerability scanning, assessment, and mitigation efforts across both IT and OT environments. The ideal candidate will have hands-on expertise with Tenable Nessus and a strong background in securing SCADA networks, and other OT assets.

Key Responsibilities:

• SME for Nessus and Nessus Professional/Tenable.sc scanning solutions in both IT and OT environments.
• Conduct vulnerability assessments on OT systems, including PLCs, RTUs, HMIs, and SCADA infrastructure, ensuring minimal operational impact.
• Configure and fine-tune scan policies for OT networks, balancing visibility with system safety and availability.
• Analyze scan results to identify vulnerabilities, misconfigurations, and compliance issues.
• Collaborate with OT engineers, IT security, and compliance teams to align scanning activities with operational safety and security objectives.
• Maintain a comprehensive inventory of OT assets and integrate vulnerability data with asset management systems when possible.
• Support segmentation, network mapping, and risk assessments for OT environments using Nessus and complementary tools.
• Develop and maintain detailed documentation on scan procedures, results, and mitigation strategies.
• Develop reporting and metrics that highlight OT-specific vulnerabilities, risk levels, and remediation progress.
• Stay informed of emerging threats, zero-days, and advisories relevant to OT (e.g., CISA ICS alerts, ISA/IEC 62443 standards).

Qualifications:

• 5+ years of experience configuring/implementing Tenable Nessus for enterprises for IT/OT vulnerability assessments.
• 5+ years of experience with vulnerability management lifecycle and remediation tracking.
• Nice to have experience in OT/ICS cybersecurity, particularly in sectors such as energy or critical infrastructure.
• Experience integrating NessTenable with asset discovery and monitoring tools (e.g., Nozomi, Claroty, Dragos, SCADAfence).
• Experience with Tenable.sc or Tenable.io in hybrid OT/IT environments.
• Ability to script in Python, PowerShell, or Bash for automation and data processing.
• Knowledge of ICS protocols (e.g., Modbus, DNP3, BACnet, OPC, Profinet).
• Familiarity with network segmentation, zone-based architecture, and secure remote access principles in OT.
• Strong understanding of CVEs, CVSS scoring, and vulnerability lifecycle management.
• Working knowledge of industry standards and guidelines: ISA/IEC 62443, NIST 800-82, NERC CIP, or equivalent.
• Strong interpersonal and communication skills to interface effectively with IT, OT, and executive stakeholders.
• Ability to work in sensitive, safety-critical environments where system availability is paramount.
• Strong analytical thinking with a detail-oriented and risk-focused mindset.