OT Cybersecurity Engineer

Contractor will support delivery and implementation across Industrial Cybersecurity Services Portfolios including:

• Plant Security Services: Security Assessments Industrial Security Consulting Remote Industrial Operations Services (RIOpS)
• Network Security Services: Industrial Next Generation Firewall Industrial DMZ Infrastructure Remote Platform SaaS (cRSP)
• System Integrity Services: Endpoint Protection Vulnerability Services (incl. Vilocify PoC) Patch Management Backup & Restore

• Execute industrial/OT security assessments (site/remote) including asset inventory validation risk findings and actionable remediation plans aligned to customer environments (plant/line/cell ICS/SCADA).
• Design and implement network security controls: segmentation approach Industrial DMZ patterns firewall policy/ruleset development and OT/IT integration hardening for industrial networks.
• Support remote operations enablement (RIOpS / cRSP): define secure remote access patterns operational runbooks monitoring/incident handling procedures and customer handover artifacts.
• Deliver system integrity services: endpoint protection rollout support vulnerability scanning coordination (Vilocify services PoC support) patching strategy and execution planning and backup/restore validation.
• Produce customer-ready deliverables (assessment reports architectures implementation plans as-builts and SOPs) and contribute to standard Siemens playbooks/templates for repeatability.

• Bachelors degree in Cybersecurity Computer Science Engineering or equivalent practical experience.
• 5 years cybersecurity experience with 3 years in OT/industrial environments (manufacturing utilities energy etc.).
• Proven experience with ICS/OT architectures and security controls (segmentation remote access jump hosts logging/monitoring).
• Familiarity with common OT security frameworks/standards (e.g. IEC 62443 / NIST concepts) and translating them into practical controls.
• Hands-on firewall and segmentation experience (policy design NAT VPN routing rule lifecycle troubleshooting).
• DMZ design/implementation experience for industrial environments.
• Endpoint protection deployment support and troubleshooting.
• Vulnerability assessment lifecycle (scan planning validation triage remediation guidance reporting); ability to support Vilocify-based engagements and PoCs.
• Strong customer-facing consulting skills: requirements capture clear documentation executive-level readouts and tight project coordination.
• Ability to work independently manage priorities and collaborate across sales/delivery/engineering.