The Lead Engineer - OT Cybersecurity is responsible for defining and leading OT cyber security solutions across multiple products and projects in industrial/operational technology environments. This role requires strong cooperation with system and subsystem teams. Ideal candidate should be comfortable making design decisions in a sometimes-uncertain context, crafting innovative solutions, and demonstrating rigorous and decisive leadership. Work with multiple teams in different location to define OT Cybersecurity solutions to PCS products and projects.
Job Description
Key Responsibilities
Perform security architecture design and threat modeling for PCS Products and OT systems (SCADA, DCS, PLCs, safety systems, industrial networks).
Define security zoning/segmentation (e.g., Purdue model) and secure network architectures between OT and IT.
Translate IEC 62443, NIST CSF/800-82, and marine classification society requirements (DNV, ABS, LR, etc.) into practical architecture and design patterns for OT systems.
Security Controls Implementation; define and guide the implementation of security controls such as:
Secure remote access
Identity and access management in OT context
Monitoring and logging (SIEM, OT IDS)
Patch and vulnerability management for OT
Backup and recovery/incident response capabilities in industrial environments
Risk Assessments and Gap Analyses
Support security risk assessments and gap analyses for OT assets and environments.
Work closely with product teams, engineering, and operations to embed security by design into OT solutions.
Provide guidance and review of vendor solutions and third-party components for OT cyber security.
Contribute to secure SDLC practices for OT-related software and systems.
Experience:
7+ years of professional experience in cybersecurity, including substantial experience with OT/ICS environments:
Ability to consult with Product teams on alignment of outcomes and desired technical solutions.
Ability to analyze, design, and develop software solution roadmap and implementation plan based upon a current vs. future state of the business. Familiar with Cyber Security Standards -IEC62443, NIST, IACS E26/27, DNV, ABS, LR certification requirements.
Working knowledge of configuration choices and related cost implications; Experience with complex solution configurations.
Familiar with usage of Confluence, Jira, and Project Management tools.
Experience with OT systems: SCADA, DCS, PLCs, industrial control networks, and safety systems.
Familiarity with common OT protocols (Modbus, OPC-UA, DNP3, Profinet, etc.) and their security implications.
Experience designing secure architectures for:
Industrial networks, DMZs, and remote access
Edge computing and data ingestion from OT to cloud
Practical application of IEC 62443 (e.g., zone & conduit modeling, security levels, system requirements).
Business Acumen
Explaining cyber risks and mitigations to non-cyber, operations-focused stakeholders.
Influencing product roadmaps to embed security
Proven ability to translate complex OT cyber security risks into clear business impact and actionable mitigation plans for executive and operations audiences.
Adept at navigating the organizational matrix; understanding people’s roles, can foresee obstacles, identify workarounds, leverage resources, and rally teammates.
Possess extensive knowledge of the full solution catalog within a business unit and proficiency in discussing each area at an advanced level.
Leadership
Demonstrated working knowledge of internal organization.
Strong interpersonal skills, including creativity and curiosity with the ability to effectively communicate and influence across all organizational levels.
