OT/ICS Security Lead

Job

Recutify Inc.

Remote

Full-Time

Posted 1 week ago (Updated 16 hours ago) • Actively hiring

Expires 7/11/2026

Job Description

Role: OT/ICS Security Lead
Location: Boston, MA (Hybrid)

About the position

- Lead and execute OT/ICS cybersecurity activities across multiple industrial sites (customer sites)
- Focus on industrial security assessment, segmentation, and risk reduction
- Ensure OT environments are:
  - Secure
  - Stable
  - Aligned to IEC 62443 and NIST standards
- Work closely with plant operations, engineering teams, and IT security teams
- Deliver practical, implementable solutions without impacting production

What you'll do

Key Responsibilities

1. OT/ICS Security Assessment

- Conduct site visits and end-to-end OT security assessments across plants / operational sites (approx. 10 sites)
- Perform:
  - Asset discovery (PLCs, SCADA, HMI, network devices)
  - Network architecture reviews
  - Vulnerability identification
- Identify:
  - Control gaps
  - Exposures and attack surfaces
  - Legacy system risks
- Perform gap analysis aligned to IEC 62443 / NIST SP 800-82 frameworks
- Deliver:
  - OT baseline reports
  - Risk findings and recommendations

2. OT Network Architecture & Segmentation

- Design OT network segmentation using Purdue Model (zones & conduits)
- Define:
  - IT/OT DMZ architecture
  - Secure communication pathways
  - Trust boundaries between systems
- Recommend:
  - Firewall placement
  - Network isolation strategies
- Ensure:
  - Industrial safety is not impacted
  - Uptime and operational continuity are maintained

3. Industrial Cyber Risk Management

- Identify risks across:
  - PLCs
  - SCADA systems
  - Industrial protocols
  - Vendor remote access
- Analyze:
  - Operational impact
  - Safety risks
  - Business criticality
- Maintain and update:
  - OT risk register
  - Risk prioritization matrix
- Provide:
  - Risk mitigation strategies
  - Residual risk recommendations

4. Security Controls & Hardening

- Define and recommend OT-specific security controls, including:
  - Network segmentation
  - Access control (RBAC, vendor access)
  - Monitoring & logging
- Design compensating controls for:
  - Legacy PLC/SCADA systems
  - Systems that cannot support endpoint agents
- Ensure controls are:
  - Practical
  - Deployable with minimal disruption

5. OT Monitoring & Threat Detection

- Deploy and tune OT monitoring tools:
  - Claroty
  - Nozomi
  - Dragos
- Perform:
  - Network traffic analysis
  - Protocol-level inspection
- Detect:
  - Anomalies
  - Lateral movement risks
  - Unauthorized access
- Integrate OT monitoring insights with IT security systems where feasible

6. Remediation & Technical Debt Reduction

- Develop OT remediation roadmap based on findings
- Define:
  - Short-term mitigations
  - Long-term improvements
- Track:
  - Remediation actions
  - Owners and timelines
- Support:
  - Technical debt reduction
  - Migration to secure baseline architecture

7. Site-Level Engagement & Coordination

- Work closely with:
  - Plant managers
  - OT engineers
  - Maintenance and automation teams
- Align security solutions with:
  - Operational processes
  - Maintenance windows
  - Safety requirements
- Conduct:
  - Workshops
  - Site walkthroughs
  - Stakeholder discussions

8. Industrial Security Standards & Compliance

- Ensure alignment with:
  - IEC 62443
  - NIST SP 800-82
- Support:
  - Compliance assessments
  - Audit readiness
- Map controls to:
  - Industry standards
  - Organizational security baselines

Key Deliverables

- OT asset discovery and baseline report
- Industrial risk assessment and mitigation plan
- Purdue-based segmentation design
- Security control recommendations
- Remediation roadmap and tracking
- Reduced OT cybersecurity risk across sites

What you'll bring

Core OT Security Skills

- Hands-on experience with PLC, SCADA, DCS, ICS systems
- Strong knowledge of:
  - Industrial network protocols
  - OT attack vectors and threats

Technical Expertise

- Frameworks:
  - IEC 62443
  - NIST CSF / SP 800-82
- Architecture:
  - Purdue Model
  - Zone conduit segmentation
- Tools:
  - Armis / Claroty / Nozomi / Dragos
  - OT monitoring & network visibility tools

Industrial Domain Knowledge

- Experience in healthcare / pharma / manufacturing / process plants
- Understanding of:
  - Safety systems
  - Production-critical operations

Soft & Functional Skills

- Strong problem-solving and analytical thinking
- Ability to work with cross-functional OT + IT teams
- Strong communication skills for technical and non-technical stakeholders

Preferred Certifications

- GICSP (Global Industrial Cyber Security Professional)
- ISA/IEC 62443 Certification
- CISSP / CISM (optional but beneficial)