OT Cybersecurity Engineer, Global

Vantage Data Centers powers, cools, protects and connects the technology of the world’s well-known hyperscalers, cloud providers and large enterprises. Developing and operating across North America, EMEA and Asia Pacific, Vantage has evolved data center design in innovative ways to deliver dramatic gains in reliability, efficiency and sustainability in flexible environments that can scale as quickly as the market demands.

The Vantage Cybersecurity Department is very hands-on. In most cases, we specify, purchase, configure, and maintain all networking and server hardware with a keen focus on cybersecurity measures. We also work closely with partner Value Added Resellers (VARs) to learn about the latest technological changes and cybersecurity trends so that we can make informed purchase decisions. We are always looking for ways to strike the best balance between technology, performance, cost, and cybersecurity. Vantage Cybersecurity Department also participates in designing each of our new data center building’s cybersecurity infrastructure. If you like getting your hands dirty and helping to design, build, and maintain cybersecurity infrastructure in a modern data center, then come work at Vantage. We’re expanding with many new builds, enhancing our focus on safeguarding data and infrastructure in the face of evolving cyber threats.

The ICS/OT (Industrial Control Systems/Operational Technology) Cybersecurity Engineer will be part of a team responsible for protecting a rapidly expanding global enterprise. The Cybersecurity Engineer will audit the Industrial Control System / Operational Technology (ICS/OT) environment and perform risk/vulnerability assessments leading to the development of an enterprise strategy/design plan. The Cybersecurity Engineer will lead implementation (hands-on configuration) of the enterprise ICS/OT systems

Additional responsibilities include research, classification, and root cause analysis of security events that occur within the environment. The ideal candidate will have security industry knowledge that evolves with current and emerging vulnerabilities and threats, as well as an ongoing understanding of key business and technological processes.

• Partner closely with the OT Cybersecurity Manager and OT Cybersecurity Engineers to represent OT Cybersecurity at the regional level, participating in meetings with site operations, vendors, and internal stakeholders to drive consistent implementation of OT cybersecurity practices.

• Implementation and Ongoing management of Secure Remote Access (SRA) and/or Privileged Access Management (PAM) solutions to control and monitor third party access to critical OT environments.

• Perform OT asset discovery, inventory management, and risk classification using OT monitoring platforms (e.g., passive monitoring tools), and support the deployment and configuration of ICS/OT IDS solutions.

• Conduct vulnerability assessments on OT assets and coordinate remediation activities in collaboration with Automation Systems, Site Operations, Network and Cyber Security teams.

• Support integration of OT security monitoring into SOC workflows, including alert tuning and playbook development.

• Work closely with data center teams to ensure cybersecurity controls do not impact uptime or operational resilience.

• Conduct Cybersecurity assessments of products and technologies under consideration by the Data Center teams prior to adoption and/or deployment.

• Perform OT Cybersecurity Risk assessments against best practices and industry frameworks (e.g., ISA/IEC 62443, NIST SP 800‑82, NIST CSF) including participating in audits

• Implement and support OT cybersecurity monitoring and analytics tools to improve threat detection, threat hunting, and forensic investigations.

• Assess the criticality of OT systems, evaluate potential operational impacts of failures or cyberattacks, and use these insights to help design resilient OT architectures.

• Researching, developing, operationalizing, evaluating, and improving OT defensive tactics, techniques, and procedures (TTPs) for detecting and responding to cyber threats

• Researching and developing OT Cyber Resiliency solutions including developing and operationalizing OT/ICS SCADA cyber defense architectures

• Partner with other departments to review network architectures and determine if security best practices are being utilized.

• Work with vendors to ensure detailed diagrams, procedures, and plans are created and maintained for each deployment.

• Maintain and create documentation as needed

• Represent the Cybersecurity team in meetings with the client’s vendors and stakeholders.

• Maintain awareness of industry trends, threats, and tools used to support enterprise security.

• Perform other ad hoc duties to support the company’s security goals.

• Hands on Experience in an OT environment deploying and configuring OT security solutions

• Design and implementation of solutions such as IDS, Secure Remote Access (SRA), Network segmentation, Firewalls, and Endpoint security.

• Working Knowledge and Hands on Experience in one or more of the following technologies and platforms

  • Building Management Systems (BMS)

  • Electrical Power Management System (EPMS)

  • SCADA Platform

  • PLC Platform (e.g. Siemens, Schneider, Rockwell)

  • Industrial Protocols (Modbus, DNP3, BACnet, OPC, S7, CIP)

  • Passive OT monitoring solutions (e.g. Tenable, Nozomi, Claroty)

  • Firewalls (IDS/IPS/DPI/WAF/Web Filter/App Control)

  • Networking Environments (Routing/Switching/VLANS/Security/Wireless etc.)

  • SIEM, SOAR, and XDR technologies

  • Windows and Linux server architectures within IT/OT environments

  • Cloud and virtualization platforms supporting OT workloads

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related focused technical training or 4 additional years of engineering experience that may have been acquired in the military, public or private sectors.

• 3 years of experience performing Cybersecurity Risk assessments in an IT/OT environment.

• Strong understanding of cybersecurity frameworks for ICS/OT environments

• Strong understanding of OT network communication protocols and industrial networking topologies.

• ISA/IEC 62443 Cybersecurity Certificates are preferable

• Certifications for SANS Global Industrial Cyber Security Professional (GICSP), GIAC Response and Industrial Defense (GRID), Critical Infrastructure Protection are preferable.

• Understanding of MITRE ATT&CKS for ICS or NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Plan) frameworks

• Familiarity with NIST (National Institute of Standards and Technology) Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide.

• Familiarity with NIST (National Institute of Standards and Technology) Special Publication 800-82

• Familiarity/Knowledge of the Perdue Enterprise Reference Architecture (PERA)

• Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53)

• Demonstrable understanding of project/program management techniques and methods

• Good Microsoft Excel skills required

• Excellent written and verbal communication skills with transparent and timely communication

• Expected travel is less than 20% but may be higher during construction projects. May grow and evolve over time

• Be available outside standard working hours when required, including evenings, weekends, and holidays

• Networking certifications (e.g. CCNA, CCNP)

• Security Certifications such as ISC2 Certified Information Systems Security Professional (CISSP), CompTIA Security+, CompTIA Network + or ISACA Certified Information Security Manager (CISM)

• Certifications for SANS (SysAdmin, Audit, Network and Security) GIAC (Global Information Assurance Certification)

• EC Council Certified Ethical Hacker (CEH), or Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA)

• Certified SCADA Security Architect (CSSA)

• Data Center experience is strongly preferred, but not required

#LI-FW1
#LI-Hybrid
 

We operate with No Ego and No Arrogance. We work to build each other up and support one another, appreciating each other’s strengths and respecting each other’s weaknesses. We find joy in our work and each other, actively seeking opportunities to inject fun into what we do. Our hard and efficient work is rewarded with an above market total compensation package. We offer a comprehensive suite of health and welfare, retirement, and paid leave benefits exceeding local expectations.

Throughout the year, the advantage of being part of the Vantage team is evident with an array of benefits, recognition, training and development, and the knowledge that your contribution adds value to the company and our community.

Don't meet all the requirements? Please still apply if you think you are the right person for the position. We are always keen to speak to people who connect with our mission and values.

Vantage Data Centers is an Equal Opportunity Employer

Vantage Data Centers does not accept unsolicited resumes from search firm agencies. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of Vantage Data Centers.