Security Engineer - Operational Technology Job at SPECTRAFORCE in Kansas City

Job Title: Security Engineer - Operational Technology (OT) Location: Kansas City KS USA 66111 Duration: 6 Months Assignment (Contract to hire) Shift: 8:00am to 5:00pm (Standard) Summary As an Operational Technology (OT) Security Engineer at CLIENT, you will collaborate with cross-functional teams to design, implement, and maintain cybersecurity measures that protect CLIENT’s manufacturing capabilities from cyber threats and vulnerabilities. Job Duties and Responsibilities Assist in designing, monitoring, and enforcing cybersecurity standards, procedures, and controls within manufacturing plant environments, covering areas such as physical security, network segmentation, firewalls, and intrusion detection systems. Partner with manufacturing sites, engineering, and IT teams to analyze current OT architecture and integrate cybersecurity measures across plant facilities. Develop and maintain OT-specific cybersecurity documentation, including risk registers, dashboards, and detailed reports to communicate OT risk posture effectively to stakeholders. Assess current security architectures to identify vulnerabilities and design enhanced protections. Implement an ongoing vulnerability detection and remediation program for OT systems and oversee vulnerability testing. Conduct risk assessments on OT systems using frameworks like NIST CSF, ISO 27001, and ISA/IEC 62443 to identify vulnerabilities and mitigation strategies. Continuously monitor OT networks for unusual activities and potential security breaches. Develop and maintain an OT incident response plan for cybersecurity incidents, covering detection, response, and recovery. Drive continuous improvement of cybersecurity policies, procedures, and tools, enhancing CLIENT’s OT security framework. Lead training sessions to promote cybersecurity best practices and ensure compliance with security policies. Ensure compliance with industry standards, regulations, and best practices related to OT cybersecurity. Minimum Requirements Education and Experience Bachelor’s degree in information security, computer science, or a related field (equivalent work experience may substitute on a year-for-year basis). Minimum of 3 years’ experience in information security, IT, or industrial control systems (ICS) engineering. Basic understanding of Programmable Logic Controllers (PLC), Windows-based PCs, VMs, and industrial network architectures. Experience in ICS security is highly desirable. Proven experience selecting, designing, architecting, and deploying security technologies in an OT/ICS environment, with a demonstrated understanding of OT/ICS critical infrastructure, threats, vulnerabilities, and attack paths. Knowledge, Skills, and Abilities Understanding of cybersecurity threats (e.g., denial of service, ransomware) and mitigation approaches. Capability to apply cybersecurity standards and frameworks (e.g., NIST Cybersecurity Framework, NIST 800-82 for ICS, ISA-62443). Knowledge of security controls for both on-premise and cloud-based platforms (AWS, Azure), including Active Directory and Windows systems. Familiarity with SCADA, PLC, and HMI system architectures. Advanced knowledge of network technologies, protocols, and telecommunications principles. Strong communication skills to effectively convey complex concepts, policies, and procedures to diverse stakeholders. Ability to influence, collaborate, and communicate across various levels and teams. Detail-oriented with strong documentation skills. Capable of conducting research into networking issues and prioritizing tasks effectively. Proven track record of process improvement and execution. Ability to work well in a team and independently identify and communicate emerging security threats and industry trends.