What are the responsibilities and job description for the Operational Technology Cybersecurity Subject Matter Expert (OT Cybersecurity SME) position at Aleta Technologies?
Job Summary:
We are seeking an experienced Operational Technology (OT) Cybersecurity Subject Matter Expert to provide specialized knowledge and expertise in securing critical infrastructure and OT systems. This role requires in-depth knowledge of both IT and OT environments, as well as the ability to design and implement cybersecurity strategies and policies to protect OT systems from evolving threats. The OT Cybersecurity SME will collaborate with internal teams, external vendors, and regulatory bodies to ensure that our OT environments are secure, resilient, and compliant with industry standards. This role is on-site at our corporate office in Huntsville, AL.
Primary Duties:
- Teaching, training, and coordinating with dozens of allied and partner nations on OT cyber on behalf of the Office of the Secretary of Defense (OSD).
- Developing OT cyber technical demonstrations.
- Providing technical presentations to various audiences.
- Participating in cooperative OT Cyber efforts with other Federal and state Governments on behalf of OSD.
- Performing OT cyber test and assessment.
- Developing DoD and international cyber policy, including participating on international OT cyber standards committees.
- Performing and leading OT cyber research and development.
- Performing OT threat hunting, vulnerability assessment, and related activities.
Other Key Responsibilities:
- Cybersecurity Strategy & Consulting:
  - Develop and implement comprehensive OT cybersecurity strategies aligned with industry best practices (e.g., NIST, ISA/IEC 62443, and other relevant frameworks).
  - Advise on risk management and mitigation strategies related to OT cybersecurity, including threat assessment and vulnerability management.
  - Provide guidance on the integration of cybersecurity measures into OT environments while balancing operational requirements and security needs.
- OT System Security:
  - Lead efforts to assess the security of OT systems, including industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and other critical infrastructure systems.
  - Design and enforce security protocols for OT networks, ensuring systems are protected from unauthorized access, disruption, and cyber threats.
  - Work with OT engineering teams to implement secure system configurations and perform regular assessments to ensure ongoing security compliance.
- Incident Response & Threat Detection:
  - Lead and support OT cybersecurity incident response activities, including detection, containment, investigation, and recovery from cyber incidents.
  - Develop and execute OT-specific threat detection strategies, using tools such as intrusion detection systems (IDS), firewalls, and security monitoring solutions.
  - Perform root cause analysis of security incidents and provide recommendations for remediation and improved security posture.
- Collaboration & Training:
  - Collaborate with cross-functional teams (IT, engineering, risk management, compliance, etc.) to ensure OT cybersecurity best practices are integrated across the organization.
  - Provide training and mentorship to team members and other stakeholders on OT cybersecurity best practices and threat awareness.
  - Stay updated on the latest OT cybersecurity threats, vulnerabilities, and mitigation techniques, and communicate emerging risks to relevant teams.
- Compliance & Standards:
  - Ensure OT systems and processes comply with relevant regulations and standards, such as NERC CIP, ISO/IEC 27001, and other industry-specific cybersecurity requirements.
  - Participate in audits, inspections, and assessments to verify compliance with OT cybersecurity policies, standards, and legal requirements.
Required Qualifications:
- Education & Certifications:
  - Bachelor’s or Master’s degree in Electrical or other Engineering discipline.
  - Relevant certifications such as CISSP, CISM, CISA, GIAC GICSP, or other OT/ICS cybersecurity certifications are highly preferred.
  - Obtain and Maintain Top Secret/SCI Clearance.
- Experience:
  - At least 15 years of hands-on technical experience in industrial control or related environments (manufacturing, electricity, water, oil and gas, etc.), including maintaining equipment, programming automation controls, and developing/implementing architectures.
  - Knowledge of DoD is preferred.
  - Deep understanding of the unique security challenges and considerations in OT environments (e.g., availability, safety, legacy systems).
- Technical Expertise:
  - In-depth knowledge of OT/ICS protocols such as Modbus, DNP3, OPC, BACnet, and other industrial communication protocols.
  - Proficiency with OT cybersecurity tools (e.g., IDS/IPS, firewalls, SIEM systems, vulnerability scanning tools) and the ability to implement these tools in an OT environment.
  - Familiarity with network segmentation, firewalls, VPNs, and secure remote access solutions for OT systems.
Desired Skills:
- Strong analytical and problem-solving skills, with the ability to develop innovative solutions for complex OT cybersecurity challenges.
- Excellent written and verbal communication skills, with the ability to communicate technical concepts to non-technical stakeholders.
- Ability to work independently, manage multiple tasks, and collaborate effectively within cross-functional teams.
- Knowledge of the regulatory landscape and industry standards impacting OT security (e.g., NIST Cybersecurity Framework, ISA/IEC 62443, NERC CIP).
Working Conditions:
- Full-time position based in Huntsville, AL.
- Occasional travel to operational sites or client locations as required.
- On-call availability may be required for incident response and emergency situations.
This role offers a unique opportunity to be at the forefront of securing critical industrial systems and shaping the future of cybersecurity within the OT space. If you have a passion for both cybersecurity and industrial technology, we invite you to apply and contribute to enhancing the security of our OT environments.