Sr Cyber Security Analyst -OT

Overview

Hybrid
Up to $170,000
Full Time
25% Travel

Skills

security engineer
OT
operational technology
SCADA
NERC CIP
SentinelOne
Crowdstrike
Dragos
Claroty
Nozomi
IAM
cybersecurity
Modbus
JMUX

Job Details

Job Summary

We are seeking a highly skilled Cyber Security Engineer and Operations Specialist to lead and support cybersecurity efforts in our Operational Technology (OT) environments. This role focuses on securing critical infrastructure systems by performing risk assessments, managing compliance, engineering defenses, and collaborating with cross-functional teams to uphold the highest OT security standards.

Job Responsibilities

Include but are not limited to:

  • Maintain, engineer, and support OT-specific cybersecurity toolsets including visibility and baselining platforms.
  • Perform, interpret, and articulate results from OT security assessments (e.g., NIST, IEC 62443, NERC CIP) and provide actionable insights for continuous improvement.
  • Identify and assess OT security risks and recommend mitigation strategies.
  • Develop and maintain technical and process driven standard operating procedures (SOPs).
  • Ensure adherence to, and continuous improvement of NERC CIP regulatory requirements.
  • Collaborate with IAM, Security Operations and Architecture/Engineering teams to assess architectural designs and provide improvement recommendations.
  • Support OT Governance, Risk, and Compliance (GRC) initiatives, including Vulnerability & Risk Compliance, Cyber Governance, Awareness & Strategy, Third-Party Risk, and Security Architecture.
  • Provide technical expertise for OT threat risk assessments, and support the development, testing, and implementation of security plans and controls to mitigate cyberattacks or serious security events.

NERC CIP Responsibilities:

  • Owns functional tasks on day-to-day compliance with the all the NERC Standard's Requirements assigned.
  • Serves as contact for all assigned compliance activities. Coordinates the reviews and approvals as specified in Standard Requirements.
  • Ensures required policies/procedures are followed and that any local department-level procedures encompassing the NERC Compliance Standards Requirements are up to date.
  • Provides materials for required reviews and approvals of all assigned compliance activities for submission.
  • Works with SME Mgrs and Lead SME Contributor on functional day-to-day compliance activities to ensure all are effectively coordinated, sustained in the LOB. Provides updated and approved input to the Lead SME for the Reliability Standard Audit Worksheets, CIP Evidence Request Tool, O&P Evidence Tracking Sheet and for all assigned NERC Standard. Includes FERC, NERC, NPCC, LIPA, NY State, DHS.

Job Specific Qualifications

Required

Bachelors degree in Computer Science Information Systems Cyber Security Mathematics or Engineering with a minimum of 6 years of experience in Information Security

In lieu of a degree a minimum of 10 years of experience in Information Security

Strong verbal and written communication skills

Ability to work independently with minimal supervision

Technical Skills

Demonstrated cybersecurity experience in OT environments including work with Windows Linux and OT specific devices such as HMIs PLCs and RTUs

Intermediate knowledge of networking principals including network segmentation ZTNA strategies and core switch router firewall fundamentals

Understanding of OT network frameworks such as the Purdue Model and IEC 62443

Experience with OT vulnerability management platforms and risk assessment methodologies

Familiarity with modern endpoint protection platforms eg CrowdStrike SentinelOne

Minimum of 1 year of experience with OT visibility and vulnerability platforms eg Dragos Claroty Nozomi

Strong experience in incident response and threat analysis including the development of response procedures

Knowledge of Identity and Access Management IAM fundamentals including Active Directory ADCS and Privileged Access Management

Desired

Experience with OTspecific protocols eg MODBUS DNP3 JMUX

Familiarity with securing legacy and airgapped systems

Experience with site assessments asset inventory validation and baseline development for OT environments

Experience with OT baselining tools eg Tripwire Industrial Defender

Proficiency in SIEM technologies alert analysis and event correlation

Experience in a NERC CIPregulated OT environment

SC2 Certified Information Systems Security Professional CISSP certification

Minimum Years of Experience

6 years of experience

Education

Bachelors

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.