OT/ICS Cybersecurity Engineer (Operational Technology) - Full-time

Position Overview

Are you interested in working at the cutting edge of industrial cybersecurity? As the OT/ICS Cybersecurity Engineer (Mid Level) at Jacobs, you’ll work at the forefront of securing high criticality operational technology systems—from design through deployment. You'll join a team of dedicated cybersecurity professionals supporting design compliance, discrete assessments, and integration of contemporary cybersecurity standards (NIST, NERC CIP, IEC-62443, etc.) within complex industrial control systems. At Jacobs, a global technology and engineering leader, you play a key role in protecting infrastructures that power vital programs.

Key Responsibilities

• Support cybersecurity design of OT networks by ensuring compliance with appropriate security standards.
• Provide cybersecurity assessments of OT/ICS across Jacobs markets, analyzing current state, mitigation measures, and implementing solutions.
• Support the integration of switching, servers, firewalls, virtual machines, and other technologies into secure OT environments.
• Perform forensics analysis of OT devices to assist in cyber incident investigations.
• Develop consultative OT security solutions including attack emulation, penetration testing, threat hunting, and deception operations.
• Travel to project sites to deliver support for ICS networks and manage converged platforms, virtualization, and security platforms for various OT/IoT technologies.

Required Qualifications

• 5+ years of experience in OT/ICS security with a proven record of leading engagements.
• Experience with OT network monitoring and data collection tools.
• Technical background with hands-on experience in conducting security reviews and assessments of OT cybersecurity risk landscapes.
• Knowledge of protocols such as DNP, Modbus, SEL, and IEC-61850 (both serial & IP based).
• Experience working with firewalls, wireless communication technology, virtualization platforms, Active Directory Domain Services, and DNS.
• Familiarity with industrial cybersecurity standards including IEC-62443.
• Understanding of the Purdue Enterprise Reference Architecture and Zero Trust Architecture.

Preferred Qualifications

• IAT Level II Certification (Security+, GICSP).
• Cisco CCNA, Fortinet NSE-4, JNCIA or an equivalent network certification.
• Expertise in MITRE ATT&CK® and ATT&CK for ICS Frameworks.
• Hands-on experience programming ICS vendor Human Machine Interface (HMI) equipment and Programmable Logic Controllers (PLCs).
• Experience with Industrial Internet of Things and edge computing.
• Working knowledge of NIST SP 800 series guidelines.
• Experience implementing secure remote access solutions.