HiringCafe
Posted 2w ago

OPERATIONAL TECHNOLOGY (OT) SECURITY ENGINEER

@ iP-Plus Consulting
View All Jobs
Fort Belvoir, Virginia, United States
OnsiteFull Time
Responsibilities:perform vulnerability assessments, manage OT device updates, deploy security monitoring solutions
Requirements Summary:7+ years OT cybersecurity experience; OT/ICS/SCADA expertise; DoD requirements; OT network security, vulnerability management, incident response, and compliance knowledge; DoD 8570 IAT2, ICS300, Forescout certs; DoD Secret clearance.
Technical Tools Mentioned:Modbus/TCP, EtherNet/IP, IEC 61850, ICCP, DNP3, BACnet, NIST CSF, ISA/IEC 62443, NERC CIP, STIGs, TCG configuration guides, IAVMs, ACAS, Nessus, Qualys, Forescout, EyeInspect, Microsoft Excel, Access, Power BI, Power Platform
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Overview
iP-Plus Consulting is seeking an Operational Technology (OT) Security Engineer to support an upcoming Federal program. This role integrates OT processes with enterprise information systems to resolve cybersecurity challenges across SCADA, ICS, and industrial control environments. You will provide security engineering support for the planning, design, development, testing, and integration of OT systems while ensuring the Federal agency environment meets all DoD cybersecurity standards across both NIPRNET and SIPRNET.

Key Responsibilities

  • Perform vulnerability assessments across OT/IT networks, databases, applications, and industrial control systems
  • Manage software and firmware updates for OT devices while minimizing operational disruption
  • Deploy and tune security monitoring solutions for OT environments including anomaly detection and threat intelligence integration
  • Conduct OT-specific risk assessments — identify threats, vulnerabilities, and operational impacts; recommend risk-based mitigation strategies
  • Develop and implement OT-specific incident response plans and support forensic analysis workflows
  • Prepare and support environments for DoD cybersecurity inspections: CCRI, CORA, and Blue Team reviews
  • Develop, maintain, and validate cybersecurity artifacts and compliance documentation
  • Coordinate with the correct teams on OT vulnerability notifications; assist with fixes and updates for edge devices
  • Build automated workflows for vulnerability remediation, compliance checks, and reporting
  • Bridge IT and OT cybersecurity requirements to ensure aligned policies and protections across the Federal enterprise
  • Produce clear, audit-ready reports and analytics for both technical and leadership audiences

Required Qualifications

  • 7 years of relevant OT Cybersecurity experience
  • Experience with OT communication protocols: Modbus/TCP, EtherNet/IP, IEC 61850, ICCP, DNP3, BACnet
  • Strong understanding of OT systems: SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices
  • Knowledge of secure OT network architectures: segmentation, firewalls, IDS/IPS, and network monitoring
  • Proficiency with OT cybersecurity frameworks: NIST CSF, ISA/IEC 62443, NERC CIP
  • Familiarity with DoD requirements: STIGs, TCG configuration guides, IAVMs, and Task Orders
  • Knowledge of vulnerability scanning tools: ACAS, Nessus, Qualys, Forescout, EyeInspect
  • Experience managing patch management workflows and enterprise change management for OT environments
  • Ability to build automated workflows for remediation, compliance, and reporting
  • Proficiency with Microsoft Excel, Access, Power BI, and Power Platform
  • Strong written and verbal communication; ability to brief senior leaders and translate technical findings for non-technical stakeholders

Required Certification

  • DoD 8570 IAT Level 2 required (transitioning to DoD 8140)
  • ICS300 or equivalent OT/ICS Cybersecurity Certification required
  • Forescout certification required

Required Security Clearance

  • Active DoD Secret ClearanceIT-II Non-Critical Sensitive / Tier 3 (T3)

Preferred Skills

  • Experience supporting SCADA or ICS environments within a DoD or Federal agency context
  • Familiarity with NERC CIP compliance processes and reporting requirements
  • Experience with Forescout EyeInspect or similar OT asset visibility platforms
  • Background in supply chain risk management for OT equipment and services
  • Ability to develop and refine SOPs and TTPs specific to OT vulnerability management
  • Strong analytical skills and proven ability to work independently with minimal oversight in a fast-paced Federal environment


This position is contingent upon contract award. Employment is expected to begin upon successful award and funding of the program.