Job Description

Job Description

Position: OT Cybersecurity Engineer – Purdue Level 1/2 Zoning & Firewall Design

Location: Baton Rouge, LA

Role Overview:

We are seeking a highly skilled Operational Technology (OT) Cybersecurity Engineer with deep

expertise in industrial control system (ICS) security architecture, focusing on Purdue Model

Level 1 and Level 2 zoning, firewall configuration, and secure network segmentation within

complex refinery and chemical processing environments. The ideal candidate will possess

hands-on experience designing and implementing OT cybersecurity zones and controls that

comply with NIST 800-82, ISA/IEC 62443, and other industry best practices. This role requires

both technical acumen and the ability to perform detailed on-site assessments, vulnerability

analysis, and operational risk mitigation in highly secure industrial facilities.

Key Responsibilities:

OT Network Security Architecture & Firewall Design

• Develop and implement Purdue Model Level 1/2 network zones including secure

segmentation of ICS devices (PLCs, HMIs, RTUs) from enterprise IT systems.

• Build, review, and maintain detailed firewall rulesets using vendor platforms such as

Palo Alto, Fortinet, ensuring least privilege access and protocol whitelisting.

• Design and deploy DMZs, data diodes, and read-only gateways to enable secure one-

way data flow between OT and IT domains, preventing lateral movement of threats.

• Collaborate with network and OT engineers to design resilient, redundant, and fail-safe

architectures in compliance with industry standards.

Onsite Security Assessments & Asset Discovery

• Conduct comprehensive plant walkthroughs to assess OT network topology, device

configurations, and physical security controls.

• Perform asset discovery and classification using tools like Tenable OT, Dragos, or other

ICS vulnerability scanners.

• Identify and document vulnerabilities, risks, and compliance gaps, producing actionable

reports and mitigation plans for OT teams.

• Work closely with process and maintenance personnel to align cybersecurity initiatives

with operational requirements and constraints.

Automation, Monitoring & Incident Response

• Develop and maintain PowerShell and Python scripts for automated log monitoring,

anomaly detection, and incident alerting across OT infrastructure.

• Integrate log sources into Security Information and Event Management (SIEM) platforms

while ensuring OT-specific telemetry is correctly interpreted.

• Support incident response efforts by performing root cause analysis and remediation for

OT-related cybersecurity events.

Compliance & Standards Alignment

• Apply NIST 800-82, ISA/IEC 62443, CISA energy sector guidelines, and other relevant

cybersecurity frameworks to ensure regulatory compliance.

• Prepare and maintain technical documentation including firewall policies, network

diagrams, asset inventories, and cybersecurity policies tailored for OT environments.

• Liaise with third-party auditors and regulators during cybersecurity audits and

assessments.

Must-Have Qualifications & Skills:

• Minimum 10+ years of experience in industrial control system (ICS) cybersecurity,

specifically within energy, oil & gas, or chemical sectors.

• Proven track record designing and implementing Purdue Model Level 1 and 2 zones,

secure firewall configurations, and DMZ architectures in OT environments.

• Expertise configuring and managing firewalls and network security appliances from

Palo Alto, Fortinet, or equivalent platforms in ICS/OT settings.

• Hands-on experience with asset discovery and vulnerability assessment tools such as

Tenable OT, Dragos, Claroty, or Nozomi.

• Proficient in PowerShell and Python scripting for automation of security monitoring and

operational controls.

• Strong understanding of ICS protocols (Modbus, DNP3, OPC-UA) and OT network

architectures.

• Excellent communication skills for cross-team collaboration and report writing.

• TWIC Card strongly preferred for secure site access.

Preferred Skills & Certifications:

• Certifications such as GICSP (Global Industrial Cyber Security Professional), ISA/IEC

62443 Cybersecurity Expert, CISSP, or CEH.

• Familiarity with SIEM tools like Splunk, QRadar, or ArcSight integrated with OT telemetry.

• Experience with ICS Incident Response, digital forensics in OT environments, and

industrial malware detection techniques.

• Prior experience working with similar large energy/refining companies.

Job Tags

Similar Jobs