Operational Technology Security Engineer - Secret or Top Secret - Remote
Job Title: Operational Technology Security Engineer Location: Remote Clearance Required: Active Secret (Tier 3/T3) or Top-Secret accepted Salary Range: $125K - $150K Based on Years of Experience Application Deadline: May 1, 2026 Required Certification:One of the following
- Security+, or CCNA-Security, or CySA+
- * -ForescoutorEyeInspectExperience or FCNSA certification
One of the below listed Certifications - ICS300 or relevant OT/ICS Cybersecurity Certifications.Acceptable equivalents include:
- -GICSP (GIAC Global Industrial Cyber Security Professional)
- -ISA/IEC 62443 Cybersecurity Certificate
- -GRID (GIAC Response and Industrial Defense)
- -GCIP (GIAC Critical Infrastructure Protection)
- -CSSA (IACRB Certified SCADA Security Architect)
Position Overview The OT Security Engineer serves as the subject matter expert for all Operational Technology (OT), Industrial Control System (ICS), and SCADA cybersecurity requirements within the DLA TFS environment. This individual bridges IT and OT security, conducts OT-specific vulnerability assessments, manages asset visibility and remediation, and ensures compliance with ISA/IEC 62443 and DoD cybersecurity requirements across OT networks.
Minimum Qualifications
- - Seven (7) years of relevant OT Cybersecurity experience
- -Experience with OT communication protocols: Modbus/TCP, EtherNet/IP, IEC 61850, ICCP, DNP3, BACnet
- -Strong understanding of OT systems: SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices
- -Knowledge of secure OT network architectures: segmentation, firewalls, IDS/IPS, and network monitoring solutions
- -Experience managing software and firmware updates for OT devices while minimizing operational disruption
- -Proficiency with OT-relevant cybersecurity frameworks: NIST CSF, ISA/IEC 62443, NERC CIP
- -Familiarity with DoD cybersecurity requirements: STIGs, TCG configuration guides, IAVMs, and Task Orders
- -Experience preparing environments for DoD cybersecurity inspections (CCRI, CORA)
- -Ability to develop, maintain, and validate cybersecurity artifacts and documentation
- -Knowledge of vulnerability scanning and asset visibility tools: ACAS, Nessus, Qualys, ForescoutEyeInspect
- -Updates and tracks POA&M entries - documents findings, logs remediation, keeps milestones current
- -Experience performing OT-specific risk assessments, identifying threats, vulnerabilities, and operational impacts
- -Experience deploying and tuning security monitoring solutions for OT environments including anomaly detection
- -Ability to develop and implement OT-specific incident response plans
- -Ability to build automated workflows for vulnerability remediation, compliance checks, or reporting
- -Experience bridging IT and OT cybersecurity requirements to ensure aligned policies and protections
Key Responsibilities
- -Assist with identification, classification, and prioritization of OT security and vulnerability-related efforts
- -Work with stakeholders on remediation of OT vulnerabilities
- -Review OT vulnerability reports for known assets and devices
- -Coordinate fixes and updates for edge device vulnerabilities
- -Ensure correct teams are notified of OT vulnerability issues with their edge devices
- -Coordinate reviews of unknown OT assets and devices with application owners
- -Investigate and coordinate reviews of unreachable OT devices and assets
- -Document or assist in documentation of OT vulnerabilities and required cybersecurity documentation
- -Conduct vulnerability assessments across OT/IT networks, databases, applications
- -Provide risk-based mitigation strategies tailored to OT operational constraints
- -Deploy and tune Forescout EyeInspect and other OT security monitoring solutions
- -Produce analytics and trend reports for leadership and inspection teams
About S2i2 S2i2 is a growing company with a supportive and inclusive culture and many opportunities for professional development and growth. We have created a supportive, family-like work environment where contributions are recognized. Regular company updates and open lines of communication with leadership fosters collaboration within the company. We are proud to include:
- Support to achieve professional certifications and degrees
- Leadership that is accessible to all employees
- Regular company updates
- Client networking social engagements
- Monthly team-building activities (past examples: Top Golf)
- Supporting our community - including veterans
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Remote About the Company: S2i2 Inc Apply tot his job Apply To this Job