Job Description

Job Title: OT Cybersecurity Engineer – Purdue Level 1/2 Zoning & Firewall Design

Location: Baton Rouge, LA

Contract 12 months

Must Have: ICS Exp, TWIC Card needed.

Role Overview:

We are seeking a highly skilled Operational Technology (OT) Cybersecurity Engineer with deep expertise in industrial control system (ICS) security architecture, focusing on Purdue Model Level 1 and Level 2 zoning , firewall configuration, and secure network segmentation within complex refinery and chemical processing environments. The ideal candidate will possess hands-on experience designing and implementing OT cybersecurity zones and controls that comply with NIST 800-82 , ISA/IEC 62443 , and other industry best practices. This role requires both technical acumen and the ability to perform detailed on-site assessments, vulnerability analysis, and operational risk mitigation in highly secure industrial facilities.

Key Responsibilities:

OT Network Security Architecture & Firewall Design

• Develop and implement Purdue Model Level 1/2 network zones including secure segmentation of ICS devices (PLCs, HMIs, RTUs) from enterprise IT systems.

• Build, review, and maintain detailed firewall rulesets using vendor platforms such as Palo Alto, Fortinet , ensuring least privilege access and protocol whitelisting.

• Design and deploy DMZs , data diodes , and read-only gateways to enable secure one way data flow between OT and IT domains, preventing lateral movement of threats.

• Collaborate with network and OT engineers to design resilient, redundant, and fail-safe architectures in compliance with industry standards.

Onsite Security Assessments & Asset Discovery

• Conduct comprehensive plant walkthroughs to assess OT network topology, device configurations, and physical security controls.

• Perform asset discovery and classification using tools like Tenable OT , Dragos , or other ICS vulnerability scanners.

• Identify and document vulnerabilities, risks, and compliance gaps, producing actionable reports and mitigation plans for OT teams.

• Work closely with process and maintenance personnel to align cybersecurity initiatives with operational requirements and constraints.

Automation, Monitoring & Incident Response

• Develop and maintain PowerShell and Python scripts for automated log monitoring, anomaly detection, and incident alerting across OT infrastructure.

• Integrate log sources into Security Information and Event Management (SIEM) platforms while ensuring OT-specific telemetry is correctly interpreted.

• Support incident response efforts by performing root cause analysis and remediation for OT-related cybersecurity events.

Compliance & Standards Alignment

• Apply NIST 800-82 , ISA/IEC 62443 , CISA energy sector guidelines, and other relevant cybersecurity frameworks to ensure regulatory compliance.

• Prepare and maintain technical documentation including firewall policies, network diagrams, asset inventories, and cybersecurity policies tailored for OT environments.

• Liaise with third-party auditors and regulators during cybersecurity audits and assessments.

Must-Have Qualifications & Skills:

• Minimum 10+ years of experience in industrial control system (ICS) cybersecurity , specifically within energy, oil & gas, or chemical sectors.

• Proven track record designing and implementing Purdue Model Level 1 and 2 zones , secure firewall configurations, and DMZ architectures in OT environments.

• Expertise configuring and managing firewalls and network security appliances from Palo Alto , Fortinet , or equivalent platforms in ICS/OT settings.

• Hands-on experience with asset discovery and vulnerability assessment tools such as Tenable OT , Dragos , Claroty or Nozomi .

• Proficient in PowerShell and Python scripting for automation of security monitoring and operational controls.

• Strong understanding of ICS protocols (Modbus, DNP3, OPC-UA) and OT network architectures.

• Excellent communication skills for cross-team collaboration and report writing.

• TWIC Card needed for secure site access.

Preferred Skills & Certifications:

• Certifications such as GICSP (Global Industrial Cyber Security Professional) , ISA/IEC 62443 Cybersecurity Expert , CISSP , or CEH .

• Familiarity with SIEM tools like Splunk, QRadar, or ArcSight integrated with OT telemetry.

• Experience with ICS Incident Response , digital forensics in OT environments, and industrial malware detection techniques.

• Prior experience working with similar large energy/refining companies.

Work Environment & Travel:

• Role requires onsite presence in Baton Rouge, LA , with frequent field visits to chemical/refinery plant areas.

• Must adhere to all safety, security, and operational protocols, including wearing proper PPE and following plant access procedures.

• Will be required to participate in shift work , emergency on-call rotations , and incident response drills as necessary.

Job Tags

Similar Jobs