Overview
Skills
Job Details
Position: OT Cybersecurity Engineer
Purdue Level 1/2 Zoning & Firewall Design
Location: Baton Rouge, LA
Role Overview:
We are seeking a highly skilled Operational Technology (OT) Cybersecurity Engineer with deep
expertise in industrial control system (ICS) security architecture, focusing on Purdue Model
Level 1 and Level 2 zoning, firewall configuration, and secure network segmentation within
complex refinery and chemical processing environments. The ideal candidate will possess
hands-on experience designing and implementing OT cybersecurity zones and controls that
comply with NIST 800-82, ISA/IEC 62443, and other industry best practices. This role requires
both technical acumen and the ability to perform detailed on-site assessments, vulnerability
analysis, and operational risk mitigation in highly secure industrial facilities.
Key Responsibilities:
OT Network Security Architecture & Firewall Design
Must-Have Qualifications & Skills:
Minimum 10+ years of experience in industrial control system (ICS) cybersecurity,
specifically within energy, oil & gas, or chemical sectors.
Proven track record designing and implementing Purdue Model Level 1 and 2 zones,
secure firewall configurations, and DMZ architectures in OT environments.
Expertise configuring and managing firewalls and network security appliances from
Palo Alto, Fortinet, or equivalent platforms in ICS/OT settings.
Hands-on experience with asset discovery and vulnerability assessment tools such as
Tenable OT, Dragos, Claroty, or Nozomi.
Proficient in PowerShell and Python scripting for automation of security monitoring and
operational controls.
Strong understanding of ICS protocols (Modbus, DNP3, OPC-UA) and OT network
architectures.
Excellent communication skills for cross-team collaboration and report writing.
TWIC Card strongly preferred for secure site access.
Preferred Skills & Certifications:
Certifications such as GICSP (Global Industrial Cyber Security Professional), ISA/IEC
62443 Cybersecurity Expert, CISSP, or CEH.
Familiarity with SIEM tools like Splunk, QRadar, or ArcSight integrated with OT telemetry.
Experience with ICS Incident Response, digital forensics in OT environments, and
industrial malware detection techniques.
Prior experience working with similar large energy/refining companies.
Work Environment & Travel:
Role requires onsite presence in Baton Rouge, LA, with frequent field visits to
chemical/refinery plant areas.
Must adhere to all safety, security, and operational protocols, including wearing proper
PPE and following plant access procedures.
Will be required to participate in shift work, emergency on-call rotations, and incident
response drills as necessary.