OT Security Engineer

In the maritime industry, where colossal ships dock, and millions of tons of cargo are moved with precision, it takes teams of dedicated individuals to keep global trade in motion. Working in this dynamic sector means that you play a part in ensuring the pulse of commerce never skips a beat, all while driving the future of supply chain logistics and marine terminal operations.

Dive into a career where your talents make an impact and help us steer the future of this vital sector. Every job function in our organization, whether it's on the docks or behind the scenes in administrative roles, finance, payroll, or IT, has a significant impact on the national economy and critical supply chain operations. Where the pulse of global trade meets the precision of maritime excellence, at Ports America, we don't just move cargo; we drive the nation's economic engine!

Essential Duties:

• Assess, measure, and analyze the cyber security posture across both IT and OT networks and recommend improvements to mitigate risks.
• Lead and implement network security best practices across IT and OT solutions.
• Coordinate the implementation of cyber security solutions (new/modifications) to reduce risk while enabling business efficiency and operational uptime.
• Assist in development, implementation, and enforce policies, processes, and procedures associated with IT and OT cyber security and IAM.
• Assist in developing and managing endpoint security, including hardening, tools, and procedures for both IT and OT environments.
• Stay up to date on current threats, vulnerabilities, attacks, and countermeasures in IT and OT security.
• Monitor and manage web filtering solutions and network security tools.
• Develop and refine patch and vulnerability management processes for both IT and OT systems.
• Support the development and enhancement of disaster recovery and incident response plans for IT and OT environments.
• Coordinate cyber security incident response across enterprise IT and OT networks.
• Assist teams in integrating security requirements into system designs and ensuring compliance with relevant frameworks.
• Assist in security evaluations, penetration testing, and architecture reviews for IT and OT systems.
• Conduct security awareness training for IT and OT personnel to improve cyber hygiene across environments.
• Ensure compliance with industry standards such as NIST, MARSEC, ISA/IEC 62443, CIS Controls, and other relevant security frameworks.
• Coordinate malware analytics and forensic investigations across IT and OT networks.

Minimum Requirements :

• BA/BS degree in Computer Science, Engineering, Information Systems, or equivalent experience.
• Minimum 7 years of experience in Information Technology, including at least 3-4 years in an Information Security Engineering role.

Preferred Qualifications:

• Strong understanding of NIST, CIS Controls, and ISA/IEC 62443 (or similar OT security frameworks).
• Experience with OT security tools and protocols such as SCADA, ICS, DCS, Modbus, BACnet, and OPC.
• Knowledge of network security (firewalls, NAT, VPN, NGFWs, IPS/IDS) and how they apply to both IT and OT environments.
• Experience with security monitoring solutions, including SIEM, IDS/IPS, anti-virus, and endpoint detection tools.
• Experience in a system administration role supporting multiple platforms and applications.
• Experience with virtualization technologies.
• Security+ or similar certification, required.
• CISSP, CISM, GIAC GICSP, CEH, OSCP, or similar security certifications preferred.
• Experience designing secure IT and OT networks, systems, and architectures.
• Knowledge of cloud security best practices (IaaS, PaaS, SaaS).

Knowledge, Skills & Abilities:

• Strong knowledge of Windows OS, Active Directory, Group Policy, and Microsoft Office 365.
• Strong knowledge of Network Segmentation and Network Security
• Advanced knowledge of Windows network configurations, SOA, and Microsoft ADFSin an enterprise environment.
• Advanced knowledge of packet capture and analysis
• Deep understanding of OT security principles, including segmentation, asset management, and ICS/SCADA security best practices.
• Strong knowledge of risk assessment tools, vulnerability management, and intrusion detection technologies.
• Knowledge of Mobile Device Management (MDM) and Enterprise Mobility Management (EMM) solutions.
• Experience with log analysis and SIEM tools(Splunk, ELK, QRadar, etc.), focusing on security event correlation.
• Ability to analyze and respond to malicious code, mobile threats, and antivirus alerts.
• Ability to communicate security conceptsto technical and non-technical audiences.
• Experience with programming/scripting languages(Java, C++, C#, Python, PowerShell) is preferred.
• Knowledge of change management, project management, and process improvement methodologiesis preferred.

Working Conditions:

• Must be willing to travel (up to 10%)
• Office environment

NOTE: This job description is not intended to be all-inclusive. Employees may perform other related duties as needed to meet the ongoing needs of the organization.

Ports America is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex (including pregnancy); sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law.

This role does not offer sponsorship for work authorization. External applicants must be eligible to work in the US.