OT/ICS Security Lead

PeopleNTech LLC

Alexandria, VA

JOB DETAILS
SALARY
$80–$85 Per Hour
SKILLS
Access Control, Analysis Skills, Automation, Biotech and Pharmaceutical, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Communication Skills, Computer Security, Cross-Functional, DMZ, Distributed Control Systems (DCS), Firewalls, Gap Analysis, Healthcare, Human Machine Interface (HMI), ISA Standards, Industrial Management, Industry Standards, Information Technology & Information Systems, International Electro-Technical Commission (IEC), Internet Security, Manufacturing/Industrial Processes, Network Architecture/Engineering, Network Design, Network Monitoring, Network Protocols, Network Traffic Analysis, Operations Processes, Plant Management, Problem Solving Skills, Programmable Logic Controller (PLC), Remote Access, Risk, Risk Analysis, Risk Management, Safety Systems, Safety Training, Security Analysis, Supervisory Control and Data Acquisition (SCADA), U.S. National Institute of Standards and Technology (NIST)
LOCATION
Alexandria, VA
POSTED
24 days ago
Indent: SF_OP_203802-1-4
Role: OT/ICS Security Lead
Location: Boston, MA (Hybrid)
Rate: $80/hr – $85/hr

About the position
  • Lead and execute OT/ICS cybersecurity activities across multiple industrial sites (customer sites)
  • Focus on industrial security assessment, segmentation, and risk reduction
  • Ensure OT environments are:
    • Secure
    • Stable
    • Aligned to IEC 62443 and NIST standards
  • Work closely with plant operations, engineering teams, and IT security teams
  • Deliver practical, implementable solutions without impacting production
What you'll do
Key Responsibilities
1. OT/ICS Security Assessment
  • Visit sites and conduct end-to-end OT security assessments across plants / operational sites (approx. 10 sites)
  • Perform:
    • Asset discovery (PLCs, SCADA, HMI, network devices)
    • Network architecture reviews
    • Vulnerability identification
  • Identify:
    • Control gaps
    • Exposures and attack surfaces
    • Legacy system risks
  • Perform gap analysis aligned to IEC 62443 / NIST SP 800-82 frameworks
  • Deliver:
    • OT baseline reports
    • Risk findings and recommendations
2. OT Network Architecture & Segmentation
  • Design OT network segmentation using the Purdue Model (zones & conduits)
  • Define:
    • IT–OT DMZ architecture
    • Secure communication pathways
    • Trust boundaries between systems
  • Recommend:
    • Firewall placement
    • Network isolation strategies
  • Ensure:
    • Industrial safety is not impacted
    • Uptime and operational continuity are maintained
3. Industrial Cyber Risk Management
  • Identify risks across:
    • PLCs
    • SCADA systems
    • Industrial protocols
    • Vendor remote access
  • Analyze:
    • Operational impact
    • Safety risks
    • Business criticality
  • Maintain and update:
    • OT risk register
    • Risk prioritization matrix
  • Provide:
    • Risk mitigation strategies
    • Residual risk recommendations
4. Security Controls & Hardening
  • Define and recommend OT-specific security controls, including:
    • Network segmentation
    • Access control (RBAC, vendor access)
    • Monitoring & logging
  • Design compensating controls for:
    • Legacy PLC/SCADA systems
    • Systems that cannot support endpoint agents
  • Ensure controls are:
    • Practical
    • Deployable with minimal disruption
5. OT Monitoring & Threat Detection
  • Deploy and tune OT monitoring tools:
    • Claroty
    • Nozomi
    • Dragos
  • Perform:
    • Network traffic analysis
    • Protocol-level inspection
  • Detect:
    • Anomalies
    • Lateral movement risks
    • Unauthorized access
  • Integrate OT monitoring insights with IT security systems where feasible
6. Remediation & Technical Debt Reduction
  • Develop OT remediation roadmap based on findings
  • Define:
    • Short-term mitigations
    • Long-term improvements
  • Track:
    • Remediation actions
    • Owners and timelines
  • Support:
    • Technical debt reduction
    • Migration to secure baseline architecture
7. Site-Level Engagement & Coordination
  • Work closely with:
    • Plant managers
    • OT engineers
    • Maintenance and automation teams
  • Align security solutions with:
    • Operational processes
    • Maintenance windows
    • Safety requirements
  • Conduct:
    • Workshops
    • Site walkthroughs
    • Stakeholder discussions
8. Industrial Security Standards & Compliance
  • Ensure alignment with:
    • IEC 62443
    • NIST SP 800-82
  • Support:
    • Compliance assessments
    • Audit readiness
  • Map controls to:
    • Industry standards
    • Organizational security baselines
Key Deliverables
  • OT asset discovery and baseline report
  • Industrial risk assessment and mitigation plan
  • Purdue-based segmentation design
  • Security control recommendations
  • Remediation roadmap and tracking
  • Reduced OT cybersecurity risk across sites
What you'll bring
Core OT Security Skills
  • Hands-on experience with:
    • PLC, SCADA, DCS, ICS systems
  • Strong knowledge of:
    • Industrial network protocols
    • OT attack vectors and threats
Technical Expertise
  • Frameworks:
    • IEC 62443
    • NIST CSF / SP 800-82
  • Architecture:
    • Purdue Model
    • Zone–conduit segmentation
  • Tools:
    • Armis / Claroty / Nozomi / Dragos
    • OT monitoring & network visibility tools
Industrial Domain Knowledge
  • Experience in:
    • Healthcare / pharma /
    • Manufacturing / process plants
  • Understanding of:
    • Safety systems
    • Production-critical operations
Soft & Functional Skills
  • Strong problem-solving and analytical thinking
  • Ability to work with cross-functional OT + IT teams
  • Strong communication skills for:
    • Technical and non-technical stakeholders
Preferred Certifications
  • GICSP (Global Industrial Cyber Security Professional)
  • ISA/IEC 62443 Certification
  • CISSP / CISM (optional but beneficial)

About the Company

PeopleNTech LLC