[Remote] OT Security Engineer
Note: This is a remote position open to candidates in the USA. Seven Sourcing Limited is a growing energy infrastructure organization seeking an OT Security Engineer to enhance cybersecurity controls across industrial control systems and operational technology networks. The role involves securing critical infrastructure, managing compliance activities, and supporting incident response efforts in collaboration with various teams.
Responsibilities
- Design and implement secure network segmentation between operational technology, control systems, and enterprise environments
- Develop and maintain secure remote access solutions, including jump hosts, multifactor authentication (MFA), session monitoring, and least-privilege access controls
- Deploy, configure, and maintain endpoint detection and response (EDR) technologies on OT assets while maintaining operational reliability
- Establish and maintain hardened system baselines and configuration management standards for servers, workstations, HMIs, RTUs, controllers, and network equipment
- Conduct vulnerability assessments and coordinate remediation, mitigation, and patch management activities for OT environments
- Integrate OT telemetry and security logging into centralized monitoring platforms and optimize detections for industrial protocols and operational behaviors
- Support and maintain compliance with applicable critical infrastructure cybersecurity standards and regulatory requirements
- Maintain asset inventories, system classifications, and supporting compliance documentation
- Manage vendor security reviews, third-party access controls, and supply chain cybersecurity requirements
- Participate in internal audits, self-assessments, compliance reviews, and external examinations
- Produce technical documentation and evidence suitable for regulatory and audit purposes
- Monitor, investigate, and respond to OT cybersecurity events and incidents
- Coordinate incident response activities with operations teams, external service providers, and internal stakeholders
- Develop and maintain incident response procedures, playbooks, and recovery plans
- Conduct tabletop exercises and post-incident reviews to improve organizational readiness
- Support continuous improvement initiatives related to threat detection, vulnerability management, and security operations
- Establish cybersecurity requirements for equipment manufacturers, integrators, telecommunications providers, and field service organizations
- Review and approve third-party access requests based on documented policies and operational requirements
- Collaborate with procurement, legal, engineering, and operations teams to implement supply chain security controls
- Deliver cybersecurity awareness training to operators, technicians, contractors, and business partners
- Conduct site visits to operational facilities for security assessments, asset inventories, validation activities, and control testing
- Support planned maintenance events, outage coordination, and operational security initiatives
- Assist with cybersecurity planning during project development, commissioning, and operational phases
Skills
- Bachelor's degree in Cybersecurity, Computer Engineering, Electrical Engineering, Information Technology, or a related discipline, or equivalent practical experience
- 3–5+ years of experience in OT security, ICS security, SCADA security, industrial cybersecurity, or critical infrastructure protection
- Hands-on experience implementing cybersecurity controls within industrial or operational technology environments
- Knowledge of OT networking concepts, including VLANs, switching, routing, industrial firewalls, DMZ architectures, remote access solutions, and certificate-based authentication
- Familiarity with industrial control system components such as PLCs, RTUs, RTACs, HMIs, and related technologies
- Experience working with industrial communication protocols including Modbus, DNP3, and similar protocols
- Experience with SIEM, log management, and security monitoring platforms
- Strong documentation, reporting, and compliance management skills
- Excellent written and verbal communication skills with the ability to communicate technical concepts to operational stakeholders
- Ability to travel to operational facilities as required
- Valid driver's license
- Experience within renewable energy, utility, power generation, energy storage, manufacturing, or other critical infrastructure sectors
- Familiarity with NERC CIP requirements and critical infrastructure regulatory frameworks
- Experience supporting cybersecurity audits, assessments, or compliance programs
- Knowledge of cybersecurity frameworks such as NIST CSF, CIS Controls, IEC 62443, ISO 27001, or similar standards
- Experience working with managed security service providers (MSSPs) or security operations centers (SOCs)
- Industry certifications such as: GICSP, ISA/IEC 62443 Cybersecurity Specialist, CompTIA Security+, CISSP, GIAC certifications
Benefits
- Comprehensive medical, dental, and vision coverage.
- Retirement savings plan with employer contribution opportunities.
- Paid time off and company holidays.
- Flexible work arrangements, including remote and hybrid options where applicable.
- Professional development, training, and certification support.
- Opportunities for career growth within a rapidly evolving technical environment.
Company Overview