OT Cyber Security Purdue Level 1/2 Zoning & Firewall Design

Overview

On Site
$90 - $120
Full Time

Skills

Windows PowerShell
Vulnerability Assessment
Firewall
Cyber Security

Job Details

Position: OT Cyber Security Purdue Level 1/2 Zoning & Firewall Design
Location: Baton Rouge, LA
Job Type: Contract (12 Months)

Key Responsibilities:

OT Network Security Architecture & Firewall Design

  • Develop and implement Purdue Model Level 1/2 network zones including secure segmentation of ICS devices (PLCs, HMIs, RTUs) from enterprise IT systems.
  • Build, review, and maintain detailed firewall rulesets using vendor platforms such as Palo Alto, Fortinet, ensuring least privilege access and protocol listing.
  • Design and deploy DMZs, data diodes, and read-only gateways to enable secure oneway data flow between OT and IT domains, preventing lateral movement of threats.
  • Collaborate with network and OT engineers to design resilient, redundant, and fail-safe architectures in compliance with industry standards.


Must-Have Qualifications & Skills:
Minimum 10+ years of experience in industrial control system (ICS) cybersecurity, specifically within energy, oil & gas, or chemical sectors.
Proven track record designing and implementing Purdue Model Level 1 and 2 zones, secure firewall configurations, and DMZ architectures in OT environments.
Expertise configuring and managing firewalls and network security appliances from Palo Alto, Fortinet, or equivalent platforms in ICS/OT settings.
Hands-on experience with asset discovery and vulnerability assessment tools such as Tenable OT, Dragos, Claroty, or Nozomi.
Proficient in PowerShell and Python scripting for automation of security monitoring and operational controls.
Strong understanding of ICS protocols (Modbus, DNP3, OPC-UA) and OT network architectures.
Excellent communication skills for cross-team collaboration and report writing.
TWIC Card is strongly preferred for secure site access.

Preferred Skills & Certifications:
Certifications such as GICSP (Global Industrial Cyber Security Professional), ISA/IEC 62443 Cybersecurity Expert, CISSP, or CEH.
Familiarity with SIEM tools like Splunk, QRadar, or ArcSight integrated with OT telemetry.
Experience with ICS Incident Response, digital forensics in OT environments, and industrial malware detection techniques.
Prior experience working with similar large energy/refining companies

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Vipany Global