The OT Cyber R&D Engineer is responsible for researching and developing secure designs of OT security solutions for the CyberWise program initiative at multiple business units across the company.
Technologies within the CyberWise initiative may include: Network Segmentation, Secure Remote Access, Multi-Factor Authentication, Identity and Access Management, and End Point Protection.
Work Allocation Responsibilities:
- Develop OT security research project proposals for consideration by internal research portfolios.
- Research, test, and/or lead proof-of-concepts for new and emerging OT technologies.
- Lead cybersecurity risk assessments for designs/installations and/or emerging technology OT solutions to determine criticality rankings and risk gaps.
- Utilize industry standards and frameworks (e.g., NIST-800-53/82, IEC-62443, MITRE ATT&CK/D3FEND) to identify capabilities and technologies to provide enhanced cyber defenses in diverse scenarios.
- Develop cybersecurity guardrails and reference architectures to enable CyberWise Program emerging technologies, such as Identity and Access Management, End Point Protection, Network Segmentation, Asset Inventory Management, and Immutable backup capabilities for OT.
- Provide recommendations and plans to mitigate identified issues from OT cybersecurity risk assessments, ICS Vulnerability assessments, and OT Pen tests.
Required Technical Skills:
- Experience in utilizing frameworks and standards such as NIST-800-53/82 and IEC-62443 in an ICS environment.
- Demonstrated OT Cybersecurity project experience including leading the development of security architectures (programs) and secure network architectures (systems).
- Experience in performing passive and active OT/ICS vulnerability scans with technologies such as Tenable Nessus or Nmap scanning tools.
- Understanding of threats, vulnerabilities, attack paths, and exploits in an OT/ICS environment.
- Experience with selecting, designing, architecting, and deploying security technologies to an OT/ICS environment.
- Experience and deep understanding of key technologies such as End Point Protection, Identity and Access Management, Network Segmentation, and Backups.
- Demonstrated ability to work and communicate effectively at all levels with operations, design, projects, vendors, peers, etc.
- Knowledge of techniques and tools that promote effective analysis and the ability to determine root cause and resolution of problems.
Required Functional/Domain Knowledge:
- Minimum 10 years related work experience in the Operational Technology/Industrial Control Systems cybersecurity field with increasing levels of responsibility.
- Hands-on experience with OT/ICS critical infrastructure in energy or similar industries preferred.
Other Preferred Skills/Competencies:
- Experience with OT, ICS, PCN systems, including PCN infrastructure, network and network security, applications, and databases.
- Functional knowledge in systems architecture for both IT and OT systems.
- Vendor-specific training on Operational Technology, ICS equipment manufacturers, and internal network systems is highly preferred.
- Strong knowledge of IAM concepts, standards, and protocols, such as OAuth, OpenID Connect, SAML, SCIM, and FIDO.
- Experience with IAM tools and platforms.
- Experience in working with EDR platforms such as Microsoft Defender, Symantec, McAfee, or Carbon Black.
- Experience working with endpoint protection tools and frameworks, such as antivirus, firewall, EDR, and DLP.
- Experience in working with Windows, Linux, and Mac operating systems and platforms.
- Excellent problem-solving, debugging, and communication skills.
- Communicates in a clear, concise, understandable manner both orally and in writing.
- Associate or Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a similar technical degree. Relevant experience will be considered.