Business Operations OT Security Analyst

RESPONSIBILITIES:
Kforce has a client that is seeking a Business Operations OT Security Analyst in Aurora, CO.

Key Responsibilities:
* Act as a trusted cybersecurity SME; Partner with cross-functional teams to assess risk and drive secure practices
* Collaborate with leadership and CISO on metrics, reporting, and business reviews to measure program effectiveness
* Promote security-by-design to ensure confidentiality, integrity, availability, and regulatory compliance
* Conduct risk assessments across IT/OT systems, applications, and vendors
* Support vendor security reviews and ensure proper security terms in MSAs, SOWs, and related agreements
* Present risk mitigation strategies and cost-benefit analyses to support decision-making
* Contribute to cybersecurity strategy aligned with frameworks such as NIST
* Support security awareness and training initiatives to build a strong cybersecurity culture
* Maintain incident response readiness; Support planning, exercises, investigations, and recovery efforts
* Coordinate vulnerability assessments and penetration testing; track and prioritize remediation efforts
* Partner with Security Operations, Risk & Compliance, and infrastructure teams to deploy and optimize security tools
* Support internal/external audits and track remediation of findings
* Stay current on emerging threats, regulatory changes, and industry best practices

Senior-Level Responsibilities:
* Lead OT security control assessments and develop risk mitigation strategies
* Present findings and recommendations to leadership
* Design and lead incident response exercises
* Provide technical leadership across IT/OT cybersecurity initiatives
* Support forensic investigations and translate findings into executive-level insights
* Contribute to long-term cybersecurity roadmap development
* Mentor junior team members and act as an escalation point

REQUIREMENTS:
* Bachelor's degree in a related field or equivalent experience
* Relevant certifications (CISSP, CISA, Security+, GIAC, etc.) or ability to obtain within 6 months
* 4+ years of cybersecurity experience (6+ for senior level)
* Experience in risk assessment, incident response, or IT/OT security environments
* Familiarity with NIST frameworks and risk management practices

Core Competencies:
* Strong analytical, problem-solving, and communication skills
* Ability to translate technical risks into business terms
* Proven ability to collaborate across teams and manage competing priorities
* Ability to deliver clear, actionable recommendations

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.