Help AG, an e& enterprise company, is looking for an experienced OT Cybersecurity Engineer with a strong background in industrial automation and cybersecurity. The ideal candidate will bridge the gap between industrial teams and cybersecurity teams, ensuring effective communication and collaboration. This role involves securing Operational Technology (OT) environments, implementing advanced cybersecurity solutions, and enhancing visibility and monitoring across critical infrastructure.
Responsibilities:
- Act as an on-site OT cybersecurity expert, ensuring the security and resilience of industrial control systems.
- Collaborate with industrial teams (engineering, operations, maintenance) and cybersecurity teams to align security measures with operational needs.
- Implement and manage OT firewalls and Next-Generation Firewalls (NGFWs) to protect industrial networks.
- Deploy and configure OT visibility solutions such as Dragos and Nozomi Networks for threat detection and monitoring.
- Oversee OT endpoint security solutions to safeguard critical assets from cyber threats.
- Manage and implement unidirectional gateway solutions for secure data transfers between OT and IT environments.
- Design and implement secure remote access solutions for OT environments, ensuring compliance with security policies.
- Support and optimize OT centralized visibility and monitoring systems for real-time situational awareness.
- Contribute to the design and operation of an OT Security Operations Center (SOC) for proactive threat detection and response.
- Develop and maintain OT security architecture designs aligned with industry standards and best practices.
- Apply the Purdue Model for network segmentation and access control within industrial environments.
- Perform risk assessments, vulnerability management, and compliance audits to identify and mitigate security gaps.
- Assist in incident response, forensic investigations, and threat hunting for OT environments.
- Ensure compliance with regulatory frameworks and industry standards, including IEC 62443, NIST 800-82, NCA OTCC, and ISO 27001.
- Provide cybersecurity training and awareness programs tailored for OT personnel.
Qualifications & Skills:
- Bachelor’s or Master’s degree in Cybersecurity, Industrial Automation, Electrical Engineering, Computer Science, or a related field.
- 5+ years of experience in OT cybersecurity, industrial automation, or a similar role.
- Strong understanding of Industrial Control Systems (ICS), SCADA, PLCs, DCS, and IIoT security.
- Expertise in OT firewalls, NGFWs, and network security solutions.
- Hands-on experience with OT visibility solutions (e.g., Dragos, Nozomi Networks, Claroty, Tenable OT).
- Experience with OT endpoint security solutions (e.g., whitelisting, EDR for ICS).
- Knowledge of secure remote access technologies, VPNs, jump servers, and segmentation strategies.
- Familiarity with OT security frameworks, risk assessment methodologies, and security controls.
- Understanding of industrial protocols such as Modbus, DNP3, IEC 61850, OPC-UA, and PROFINET.
- Strong knowledge of the Purdue Model, ISA/IEC 62443 security zones, and network segmentation best practices.
- Experience in OT Security Operations Center (SOC) operations, incident detection, and response.
- Knowledge of unidirectional gateways (e.g., Waterfall, Owl Cyber Defense) and their applications in critical infrastructure.
- Strong problem-solving skills and ability to analyze complex OT cybersecurity issues.
Preferred Certifications:
- ISA/IEC 62443 Cybersecurity Certificate
- GIAC Global Industrial Cyber Security Professional (GICSP)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified SCADA Security Architect (CSSA)
- SANS ICS410: ICS/SCADA Security Essentials
- Fortinet NSE4/NSE7 (OT Security Focus)
- Palo Alto PCNSE (OT Security Focus)
Benefits:
- Health insurance with one of the leading global providers for medical insurance.
- Career progression and growth through challenging projects and work.
- Employee engagement activities throughout the year.
- Tailored training & development program.
Language Requirements:
- Strong communication skills to interact with industrial and cybersecurity teams in English.
Help AG has established itself as the region's trusted IT security advisor by remaining vendor agnostic, trustworthy, independent, and focused on cybersecurity. With the best-of-breed technologies from industry-leading vendor partners, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.