Job description

Position: Principal Operational Technology Security Engineer (HYBRID) Location: New York A Day in Your Life at MKS: We seek a Principal Security Network Engineer experienced in IT and OT (Operational Technology) systems, specializing in federally regulated domestic industries, including energy (electric oil and gas), maritime, pharmaceutical, chemical, manufacturing/warehousing, and critical municipal infrastructures. The ideal candidate will have a strong background in IEC 62443 cybersecurity standards and protocols and a proven track record in assessing and implementing secure IT/OT network infrastructures within these sectors. This position is Hybrid within a commutable distance to one of our facilities in Andover MA, Beaverton OR, Broomfield CO, Irvine CA, Milpitas CA, or Rochester NY. You Will Make an Impact By: OT Security Strategy: • Develop and execute a comprehensive OT security strategy aligned with industry standards and regulatory requirements. • Continuously assess and update the OT security strategy to address emerging threats and vulnerabilities. OT Security Architecture: • Design and implement secure OT architectures and solutions for industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and other OT assets. • Ensure that OT systems are designed with security as a fundamental consideration, including network segmentation and access controls. Security Controls Implementation: • Implement and manage security controls and technologies specific to OT environments, such as intrusion detection systems (IDS), firewalls, and network monitoring tools. • Configure and maintain OT security solutions to detect and respond to anomalies and threats. Vulnerability Management: • Perform regular vulnerability assessments and penetration testing of OT systems. • Collaborate with OT teams to remediate identified vulnerabilities and weaknesses. Incident Response and Recovery: • Develop and maintain incident response plans and procedures for OT security incidents. • Lead incident response efforts in the event of security breaches or incidents. Security Awareness and Training: • Provide guidance and training to OT teams on security best practices, including secure configurations and access controls. • Foster a culture of security awareness within the OT organization. Regulatory Compliance: • Ensure OT environments comply with relevant industry-specific standards and regulations, such as NERC CIP or IEC 62443. • Collaborate with compliance teams to conduct assessments and audits. Documentation and Reporting: • Maintain detailed documentation of OT security architectures, policies, and procedures. • Produce reports and recommendations for management and stakeholders. Continuous Improvement: • Stay current with industry trends, emerging threats, and evolving technologies. Drive continuous improvement in IT and OT network and security solutions. Skills You Bring: • 8+ years of recent experience supporting network and security projects. • Proficient in the first four layers of the OSI model. • Familiarity with IEC 62443 and the Purdue model. • Proven experience with SCADA, DCS, and ICS systems. • A proactive individual capable of navigating uncertainty and managing multiple project tasks simultaneously. • Security: Cisco, Fortinet, F5, Check Point and Palo Alto firewalls, WAF, IDS/IPS and VPN. • WAN routing solutions: MPLS, SD-WAN with VPN overlays. • LAN/WAN platforms: Cisco Nexus, ACI, Catalyst, ISR route/switch, Fortinet, Aruba, especially multi-chassis, multi-context, ruggedized, and virtualized systems. • OT Networking & PLC Vendors: GE, Schweitzer, Schneider, Siemens, Red Lion, Antaira, Hirschmann, Emerson, Phoenix Contact, Moxa. • Cloud: Azure VNETs, Peering, Virtual Gateway, VLAN, DNS, Load Balancing. • Authentication Systems: TACACS, RADIUS, LDAP, Cisco ISE, Forti Authenticator. • Wireless: Client and point-to-point/multipoint wireless, radio and cellular solutions. Competencies: • Communication: Effectively communicate with a variety of technical and non-technical audiences and tune messages appropriately. • Collaboration: Ability to work independently and effectively as part of a multidisciplinary team. • Proficient in multitasking: Effectively handle various responsibilities, prioritize tasks, and maintain awareness of upcoming work. • Attention to Detail: Work with accuracy and be thorough. • Create detailed Change Management documentation and implementation plans. • Adaptability: Capacity to rapidly grasp and adapt to new technologies and solutions. • Customer Focus: Maintain focus on providing customers with secure networking solutions with excellent value. • Team Focus: Foster an innovation environment, team compatibility, positive work culture, and excellence. Manage relationships within the project team, clients, and relevant stakeholders. Physical Demands and Working Conditions: • Perform activities such as sitting, standing, or typing for extended periods of time. • Regularly requires good manual dexterity and coordination. • Ability to remain in a stationary position for 90% of the time. • Must be able to communicate information and ideas so others will understand. • Must be able to…

Requirements