OT/ICS Security Engineer

Role Summary

NetworkSharks is seeking an experienced OT/ICS Security Engineer to join our industrial security practice. You will work directly on client engagements at energy facilities, utilities, and critical infrastructure sites — conducting security assessments, supporting network segmentation design, and implementing monitoring and detection capabilities for operational technology environments.

This is an on-site role. You will be deployed to client facilities, working alongside plant operations teams, control system engineers, and IT security personnel. You must be comfortable operating in industrial environments, following safety protocols, and communicating technical findings to both engineering and executive audiences. The work you do in this role has direct safety and operational consequences — we take that seriously, and we expect you to as well.

Key Responsibilities

• Assess and identify security vulnerabilities in SCADA, DCS, PLC, RTU, and HMI environments using passive, non-disruptive methodologies
• Perform OT network architecture reviews including zone/conduit analysis, IT/OT boundary assessment, and Purdue Model segmentation evaluation
• Conduct passive asset discovery and build OT asset inventories without disrupting live processes
• Review and assess industrial communication paths including Modbus TCP, DNP3, OPC-UA, PROFINET, EtherNet/IP, and IEC 61850
• Evaluate remote access controls — VPN, RDP, jump servers, vendor access workflows, and bastion host configurations
• Review engineering workstation, historian, and jump host security configurations and hardening
• Validate firewall rules and industrial DMZ architecture across IT/OT integration points
• Support implementation and tuning of passive OT monitoring tools (Claroty, Dragos, Nozomi Networks)
• Assess vulnerability management constraints and patch processes in OT environments with long equipment lifecycles
• Support OT incident response planning and tabletop exercises with operations and engineering teams
• Produce assessment reports, segmentation diagrams, and remediation roadmaps for client delivery

Required Technical Skills

• Hands-on experience with OT/ICS environments — SCADA, DCS, PLC, or RTU — in an energy, utilities, or industrial context
• Understanding of industrial networking — managed switches, serial-to-Ethernet converters, industrial firewalls, and OT DMZ design
• Familiarity with IEC 62443, NIST SP 800-82, and/or NERC CIP frameworks
• Experience with passive network monitoring tools and SPAN/tap-based traffic capture in OT environments
• Knowledge of industrial protocols: Modbus TCP, DNP3, OPC-UA, PROFINET, EtherNet/IP
• Understanding of allowlisting, application control, and endpoint hardening for industrial workstations
• Ability to read industrial network diagrams and single-line electrical diagrams

Preferred Qualifications

• GICSP (Global Industrial Cyber Security Professional) or equivalent OT security certification
• Experience with Claroty, Dragos Platform, Nozomi Networks, or Tenable OT
• Familiarity with Rockwell Automation, Siemens, Schneider Electric, or ABB control systems
• Industrial safety awareness training (H2S Alive, WHMIS, site-specific safety induction)
• Experience working within or alongside plant operations teams in energy or utilities

Experience Requirements

• Minimum 4 years of experience with OT/ICS security or industrial networking
• Experience working on-site at industrial facilities with operational safety awareness
• Demonstrated ability to work collaboratively with both IT and OT/engineering stakeholders

Operational & Safety Awareness

• You understand that active scanning in OT environments is unacceptable — passive methodologies only unless explicitly authorized
• You follow site safety rules without exception and hold a current safety ticket or are willing to obtain one
• You communicate clearly with operations teams before any activity that could affect a running process
• You understand that uptime and safety take precedence over security implementation speed

What Success Looks Like

• You complete site assessments without disrupting operations or triggering safety events
• Plant engineers trust your judgment and value your recommendations
• Your asset inventories and architecture reviews surface real findings that clients act on
• Your remediation roadmaps are pragmatic — prioritized within the realities of OT lifecycle constraints
• You produce assessment reports that are technically precise and operationally grounded