Ot Security Engineer

• Design, implement, and maintain security controls for OT/ICS environments, including SCADA, PLCs, HMIs, engineering workstations, and plant networks
• Develop OT security architecture aligned with the Purdue Model, ISA/IEC 62443, and company security standards
• Support secure network segmentation between IT and OT, including firewalls, DMZs, and remote access solutions
• Deploy and maintain OT monitoring tools (e.g., Nozomi, Claroty, Dragos) to identify anomalous behavior and potential intrusions
• Investigate security alerts related to industrial assets and support incident response activities within OT environments
• Analyze OT network traffic and develop detection logic for ICS-specific threats
• Perform risk assessments on OT systems, control networks, and industrial equipment
• Identify and prioritize vulnerabilities in OT assets, including legacy systems with limited patching options
• Recommend compensating controls where traditional IT security techniques are not feasible
• Maintain accurate inventory of OT assets, communication flows, and dependencies
• Assist in securing PLC logic, firmware, HMI configurations, and industrial device backups
• Collaborate with plant/operations engineers on secure configuration baselines for control system components
• Support secure integration of IIoT devices, sensors, and industrial automation technologies
• Evaluate third-party vendor solutions, remote support connections, and contractor access
• Provide engineering guidance during OT system upgrades, lifecycle replacements, and modernization projects
• Work directly with operations, plant maintenance, network engineers, and cybersecurity teams to ensure OT environments meet safety and security requirements
• Communicate risks and recommended safeguards to non-technical stakeholders in manufacturing and operational groups

• 3–7+ years of experience in cybersecurity, industrial control systems, OT engineering, or related technical fields
• Hands-on experience with ICS/OT technologies such as SCADA systems, PLCs, DCS platforms, or industrial automation networks
• Understanding of OT networking concepts (Modbus, DNP3, OPC, BACnet, Profinet, EtherNet/IP)
• Familiarity with OT security frameworks such as ISA/IEC 62443 or NIST 800-82
• Experience with one or more OT security platforms (Nozomi, Dragos, Claroty, etc.)
• Strong troubleshooting skills in operational environments with high availability and safety requirements
• Experience implementing segmentation, firewalls, and DMZs for OT networks
• Knowledge of industrial protocols, vendor equipment (Rockwell/Allen-Bradley, Siemens, Schneider, Emerson), or SCADA platforms
• Experience with incident response in ICS environments
• Certifications such as GICSP, GRID, ISA/IEC 62443 Cybersecurity Certificates, CCNA/CCNP, or CISSP
• Strong communication and cross-functional skills
• ability to work in safety-critical manufacturing or industrial environments

Ability to write or review PLC logic (Ladder Logic, Function Block, Structured Text) is a plus

• Exciting innovative environment
• possibility for further development and international career opportunities
• high-profile team
• daily use of English and other foreign languages
• language courses
• Competitive remuneration and other benefits (meal vouchers, contribution to life or pension insurance, holidays etc.)
• Flexible working hours
• possibility for home office
• sick days