OT/ICS Cybersecurity Position


Venkat Reddy

May 28, 2026, 11:23:15 AM
to My C2C Vendors 2023

Role: OT/ICS Cybersecurity Position
Location: Boston, MA

 

About the Position

  • Lead and execute OT/ICS cybersecurity activities across multiple industrial sites (customer sites).
  • Focus on industrial security assessment, segmentation, and risk reduction.
  • Ensure OT environments are:
    • Secure
    • Stable
    • Aligned to IEC 62443 and NIST standards
  • Work closely with plant operations, engineering teams, and IT security teams.
  • Deliver practical, implementable solutions without impacting production.

1. OT/ICS Security Assessment

  • Conduct end-to-end OT security assessments across plants / operational sites (approx. 10 sites).
  • Perform:
    • Asset discovery (PLCs, SCADA, HMI, network devices)
    • Network architecture reviews
    • Vulnerability identification
  • Identify:
    • Control gaps
    • Exposures and attack surfaces
    • Legacy system risks
  • Perform gap analysis aligned to IEC 62443 / NIST SP 800-82 frameworks.
  • Deliver:
    • OT baseline reports
    • Risk findings and recommendations

2. OT Network Architecture & Segmentation

  • Design OT network segmentation using Purdue Model (Zones & Conduits).
  • Define:
    • IT-OT DMZ architecture
    • Secure communication pathways
    • Trust boundaries between systems
  • Recommend:
    • Firewall placement
    • Network isolation strategies
  • Ensure:
    • Industrial safety is not impacted
    • Uptime and operational continuity are maintained

3. Industrial Cyber Risk Management

  • Identify risks across:
    • PLCs
    • SCADA systems
    • Industrial protocols
    • Vendor remote access
  • Analyze:
    • Operational impact
    • Safety risks
    • Business criticality
  • Maintain and update:
    • OT risk register
    • Risk prioritization matrix
  • Provide:
    • Risk mitigation strategies
    • Residual risk recommendations

4. Security Controls & Hardening

  • Define and recommend OT-specific security controls, including:
    • Network segmentation
    • Access control (RBAC, vendor access)
    • Monitoring & logging
  • Design compensating controls for:
    • Legacy PLC/SCADA systems
    • Systems that cannot support endpoint agents
  • Ensure controls are:
    • Practical
    • Deployable with minimal disruption

5. OT Monitoring & Threat Detection

  • Deploy and tune OT monitoring tools:
    • Claroty
    • Nozomi
    • Dragos
  • Perform:
    • Network traffic analysis
    • Protocol-level inspection
  • Detect:
    • Anomalies
    • Lateral movement risks
    • Unauthorized access
  • Integrate OT monitoring insights with IT security systems where feasible.

6. Remediation & Technical Debt Reduction

  • Develop OT remediation roadmap based on findings.
  • Define:
    • Short-term mitigations
    • Long-term improvements
  • Track:
    • Remediation actions
    • Owners and timelines
  • Support:
    • Technical debt reduction
    • Migration to secure baseline architecture

7. Site-Level Engagement & Coordination

  • Work closely with:
    • Plant managers
    • OT engineers
    • Maintenance and automation teams
  • Align security solutions with:
    • Operational processes
    • Maintenance windows
  • Conduct:
    • Workshops
    • Site walkthroughs
    • Stakeholder discussions

8. Industrial Security Standards & Compliance

  • Ensure alignment with:
    • IEC 62443
    • NIST SP 800-82
  • Support:
    • Compliance assessments
    • Audit readiness
  • Map controls to:
    • Industry standards
    • Organizational security baselines

Technical Expertise

Frameworks

  • IEC 62443
  • NIST CSF / SP 800-82

Architecture

  • Purdue Model
  • Zone-conduit segmentation

Tools

  • Armis
  • Claroty
  • Nozomi
  • Dragos
  • OT monitoring & network visibility tools

Industrial Domain Knowledge

Experience In

  • Healthcare / Pharma
  • Manufacturing / Process Plants

Understanding Of

  • Safety systems
  • Production-critical operations

Soft & Functional Skills

  • Strong problem-solving and analytical thinking
  • Ability to work with cross-functional OT + IT teams
  • Strong communication skills for:
    • Technical and non-technical stakeholders

Preferred Certifications

  • GICSP (Global Industrial Cyber Security Professional)
  • ISA/IEC 62443 Certification
  • CISSP / CISM (optional but beneficial)



Thanks & Regards,
Maddula Venkateshwara Reddy | ICS Global Soft
Senior. US IT RECRUITER
venkatre...@gmail.com

 
