OT Cybersecurity Engineer (m/f/d)

Our Culture

At Fluence, our culture is the foundation that drives our ambitious growth strategy and fuels our mission to transform the future of energy. Our core cultural pillars empower us to innovate, collaborate, and lead with purpose, ensuring we continue to deliver unparalleled value to our customers and the world.

Unleash Voices

We believe every voice matters. We encourage openness, active listening, and decisive action to create a culture where everyone has the opportunity to contribute to our success. We foster an environment where diverse perspectives are heard and valued, driving innovation and progress.

Customer Fluent

Our customers are at the heart of everything we do. We’re committed to delivering exceptional value that exceeds expectations by understanding our customers' needs and adapting swiftly to meet them. Our deep focus on customer satisfaction drives us to continuously improve and innovate.

Infinite Impact

We are committed to creating the impossible. We push boundaries to deliver sustainable, game-changing solutions that shape a brighter, more energy-efficient future for all. Our team is passionate about making a lasting impact that will resonate for generations to come.

All In

We are all in for growth. Our teams are relentlessly focused on identifying and seizing opportunities that propel us forward. We embrace an ownership mindset, pushing ourselves and each other to accelerate progress and create lasting success.

Operational Technology (OT) Cyber Security Engineer - Industrial Control Systems (ICS)

Job Description:

We are seeking an experienced Operational Technology (OT) Cyber Security Engineer with a specialized focus on Industrial Control Systems (ICS). In this role, you will play a critical part in ensuring the security and resilience of our OT environment, with a primary emphasis on SDLC and product security of software components used in our ICS.

Key Responsibilities:

1. SDLC Security Integration: Collaborate with cross-functional teams to integrate security measures into the Software Development Life Cycle (SDLC). Ensure security requirements are identified, implemented, and validated throughout all stages of software development.

2. Product Security Assurance: Conduct comprehensive security assessments, vulnerability testing, and code reviews for software components utilized in our Industrial Control Systems. Identify potential vulnerabilities and design flaws, and provide recommendations for remediation and mitigation.

3. Secure Code Development: Assist software development teams in adopting secure coding practices, including adherence to coding standards, secure libraries usage, and effective input validation techniques.

4. Threat Modeling: Perform threat modeling exercises to identify potential attack vectors and security weaknesses in software components. Work proactively to address these threats during the development process.

5. Incident Response: Collaborate with the Incident Response team to investigate and respond to any security incidents related to ICS software components. Provide technical expertise to support incident analysis and recovery efforts.

6. Security Awareness Training: Conduct training sessions to raise awareness among OT and development teams about potential cyber threats and best practices in ICS security.

7. Regulatory Compliance: Stay updated on relevant industry regulations and standards (e.g., NERC CIP, IEC 62443) to ensure compliance and alignment with best practices.

8. Risk Assessment: Assist in conducting risk assessments of software components and ICS environments, identifying and prioritizing potential security risks.

9. Security Documentation: Create and maintain technical documentation related to security assessments, vulnerability findings, and recommended remediation measures.

10. Continuous Improvement: Actively participate in the continuous improvement of security processes, methodologies, and tools used in the OT cyber security program.

Qualifications and Experience:

- Bachelor's degree in Computer Science, Cyber Security, or a related field. A Master's degree is a plus.

- Proven experience (3-5+ years) working in OT cyber security, with a focus on Industrial Control Systems and related software components.

- Solid understanding of SDLC and secure software development practices.

- Hands-on experience with vulnerability assessment tools, penetration testing, and security analysis tools specific to ICS environments.

- Familiarity with relevant ICS-related standards and regulations (e.g., NERC CIP, IEC 62443).

- Proficiency in programming languages commonly used in ICS environments (e.g., C, C++, Java, Python).

- Certifications such as CISSP, GIAC GICSP, or related credentials are highly desirable.

- Strong analytical and problem-solving skills with an ability to think critically and innovatively in complex cyber security scenarios.

- Excellent communication and interpersonal skills, able to work collaboratively and effectively across teams.

If you have a passion for securing critical infrastructure and a strong background in OT cyber security with expertise in Industrial Control Systems, we invite you to apply for this impactful role and contribute to the safety and reliability of our operational technology environment.

Fluence IS AN EQUAL OPPORTUNITY EMPLOYER and fully subscribes to the principles of Equal Employment Opportunity to ensure that all applicants and employees are considered for hire, promotion, and job status without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, marital or familial status.