Job Title: Cybersecurity Engineer II
Location: Chantilly, VA (Remote)
Job Summary: We are seeking an experienced Cybersecurity Engineer II with experience practicing cybersecurity in both Information and Communication Technology (ICT) and Operational Technology (OT) to support one of our US Government (USG) customers in the Defense sector. Under the guidance of the Cybersecurity Engineer III/Vice President - Technology and Innovation, your primary responsibility will be to propose the overall cybersecurity architecture and to design, implement, and assess highly secure, scalable, and resilient cybersecurity environments that integrate both ICT and OT assets. This individual must have deep expertise in designing network security architectures for mixed ICT and OT environments and hands-on experience with industrial control systems (ICS) security and SCADA security. The role requires an expert-level ability to document architectures and designs, prepare documentation for the USG, conduct detailed risk assessments, work with vendors on security implementations, and help run technical training sessions.
Key Responsibilities
Cybersecurity Architecture & Design:
- Architect, design, document, and implement next-generation cybersecurity solutions for a new facility involving both ICT and OT assets, cloud, and hybrid infrastructures, in compliance with the chosen standards.
- Design Zero Trust-based network architectures, including microsegmentation strategies, least-privilege access models, and AI-driven anomaly detection.
- Develop and validate cybersecurity blueprints that incorporate advanced cryptographic methods, network security zones, and AI-driven threat modeling.
- Work with vendors to implement the solution and ensure compliance with proposed cybersecurity architecture and associated controls, document any deviations, and capture risks where appropriate.
Cybersecurity Governance Framework (CSGF) Establishment:
- Develop and implement CSGF based on reference standards for facilities with both ICT and OT assets.
- Ensure compliance with given sets of standards.
Policy Development and Best Practices:
- Contribute to the development of cybersecurity policies and best practices to ensure adherence to established standards/CSGF.
- Assist in communicating and enforcing these policies across facilities.
Cybersecurity Assessments:
- Conduct comprehensive cybersecurity assessments on facilities, following the established standards/CSGF.
- Identify gaps, assess associated risks, and recommend solutions. Thoroughly document all the work in accordance with the government documentation requirements.
- Lead penetration testing efforts for ICT/OT networks, including controlled exploitation of vulnerabilities in industrial protocols and embedded systems.
Vendor Collaboration:
- Evaluate and integrate cutting-edge security technologies such as AI-based intrusion detection, behavioral analytics, and advanced endpoint protection tailored for ICS and OT environments.
- Work closely with vendors to implement cybersecurity solutions and verify their effectiveness.
- Ensure that implemented solutions comply with established standards and associated controls.
Reporting:
- Prepare detailed reports in Word document format (and PowerPoint where applicable) for the Cybersecurity Engineer III and USG.
- Develop automated compliance reporting and risk tracking systems using SIEMs, SOAR platforms, and threat intelligence feeds.
Training Development and Conduct:
- Assist in developing Cybersecurity training programs for facility personnel.
- Help with conducting training sessions to enhance the cybersecurity awareness and skills of personnel.
- Conduct red-team/blue-team cybersecurity exercises focused on OT-specific attack vectors (e.g., ransomware targeting ICS, supply chain attacks, PLC exploitation).
Vice President Support: Work under the direction of the Vice President - Technology and Innovation, providing critical support for the program and related activities.
Quality Assurance: Ensure that all deliverables meet the organization's quality standards and compliance requirements.
MS Office Proficiency: Proficient in MS Office applications, including Word, PowerPoint, etc.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, or a related field.
- 10+ years of hands-on experience practicing Cybersecurity in both ICT and OT environments, with at least 4 years in OT.
- Experience in cybersecurity architecture, design, and implementation.
- Experience with OT security, including secure SCADA architectures, industrial firewalls, industrial IoT (IIoT), and PLCs.
- Experience performing Cybersecurity assessments.
- Relevant certifications (e.g., CISSP, CISM, AWS Security Specialty, Microsoft SC-100) are advantageous.
- In-depth experience with NIST Cybersecurity Framework, NIST SP 800 series, FIPS 199, and ISO/IEC 27000.
- Familiarity or experience with IEC 62443 Series, ISO/IEC 15408 Series is a plus.
- Experience using AI/ML for anomaly detection in ICS environments and predictive cybersecurity analytics.
- Experience in cloud cybersecurity.
- Excellent leadership, communication, and interpersonal skills.
- Ability to work in a fast-paced and dynamic environment.
- Willingness to travel internationally occasionally to assess facility security postures.
Skills
- Strong understanding of governance frameworks and compliance standards.
- Analytical mindset with the ability to assess risks and propose effective solutions.
- Excellent communication skills for collaborating with vendors, reporting, and helping conduct training sessions.
- Proficiency in using Cybersecurity tools and technologies.