Security Engineer (Operational Technology, SCADA/DCS)

Posting expires: October 3, 2025

Salary: $99,000

General Description And Classification Standards:

Responsible for securing the Department of Watershed Management’s Critical Industrial Control assets. This position addresses issues and inquiries related to Operational Technology (OT) security from Watershed stakeholders and relevant third-party business partners. Responsibilities include defining OT security prerequisites for Watershed projects, supervising the integration of OT security technologies, and fostering collaboration with diverse Watershed and other City of Atlanta Departmental teams to ensure the uniform application of risk-based methodologies across all relevant endeavors. Also to foster the IT and OT convergence through dialogue and needed collaboration.

Supervision Received:

Minimal supervision, direction received is very general and focuses on end results and is typically collaborative in nature. Position plans own work and project schedules and sequences.

Essential Duties And Responsibilities:

• Analyze SCADA and DCS security systems and seek improvements on a continuous basis. 
• Understanding of Automation and Process Controls for Industrial Control Systems(ICS).
• Help drive security standards and best practices for Industrial Control Systems(ICS).
• Advise and implement application, and infrastructure security strategy in the OT environment.
• Perform breach, threat, and vulnerability analysis.
• Troubleshoot and fix  OT related security infrastructure issues.
• Handle escalations from Cybersecurity Analysts and plant stakeholders.
• Interact with, configure, and troubleshoot network intrusion detection devices and other security systems via proprietary and commercial consoles, both local and remote.
• Report possible threats or software issues within the OT Network.
• Research weaknesses, risks with the SCADA/DCS network and assist with remediations.
• Assist fellow employees with cybersecurity, software, hardware or  OT/IT needs.
• Develop, implement, and monitor security measures to safeguard information, network infrastructure,  HMI, PLCs and computer systems. 
• Deploy, configure, and monitor new security tools.
• Help drive user education on information security best practices.
• Design and execute a comprehensive cybersecurity strategy and architecture. 
• Identify, define, and document system security requirements, proposing solutions to management. 
• Configure, troubleshoot, and maintain ICS and OT security infrastructure software and hardware. 
• Install and manage software for monitoring systems and networks to detect security breaches and intrusions within the SCADA/DCS environment.
• Monitor systems for unusual activity and establish preventive measures. 
• Plan, develop, implement, and update the company's ICS security strategy. 
• Provide education and training to staff on best practices for SCADA/DCS systems security. 
• Analyze alerts for potential security threats within the SCADA/DCS network.
• Manage vulnerability assessments and remediation efforts for OT assets.
• Conduct risk assessments and develop mitigation strategies relevant to the ICS and OT environment.
• Collaborate on OT projects to ensure security considerations are addressed. 
• Attend meetings to provide input on security-related matters. 
• May perform other duties as assigned.The above statements reflect the general duties, responsibilities and competencies considered necessary to perform the essential duties and responsibilities of the job and should not be considered as a detailed description of all the work requirements of the position. COA may change the specific job duties with or without prior notice based on the needs of the organization. 

Knowledge Skills And Abilities:

This is a partial listing of necessary knowledge, skills, and abilities required to perform the job successfully, it is not an exhaustive list. 

Hands on experience with one or more of the following platforms or technologies: 

Palo Alto Firewalls, Programmable Logical Controllers(PLCS), Human Machine Interface(HMIs), Tripwire Enterprise, Claroty Industrial Solution and Privileged Access Management (PAM).

• Relevant knowledge and experience working with Programmable Logical Controllers(PLCS), Human Machine Interface(HMIs). 
• Understanding of IT-OT convergence concepts.
• Advanced knowledge of Unix, Linux, Windows and operating systems.
• Understanding of Networking concepts specific to industrial control systems.
• Familiar with Internet of Things (IoT) security concepts.
• Advanced knowledge of OT  and IT networking protocols and services such as: Modbus, Ethernet IP, OPC UA etc.
• Advanced knowledge of IT networking protocols and services such as:

SFTP, HTTPS, SSH, SMB, LDAP, etc.

• Knowledge of Industrial Controls security standards such as  NIST 800-82 and MITRE ATT&CK Framework for Industrial Controls Systems.
• Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
• Vulnerability assessment and remediation through patching and other relevant configuration changes specific to SCADA/DCS networks.
• Experience as a network intrusion analyst.
• Knowledge on security event triaging, investigations pertaining to Cyber threats.

Minimum Qualifications – Education and Experience:

• Bachelor’s degree in Industrial Engineering, Computer science, Computer, Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics.
• 4-6 years of relevant experience or equivalent combination of education and work experience: undergraduate degree and 1-2 years of relevant experience, graduate degree and 0-2 years of relevant experience.
• Certifications: GIAC GCIP, InfoSec ICSP, ISA/IEC 62443 Cybersecurity Expert,  CISSP, GCIA, GPEN, GWAPT, GCIH, GSEC, OSCP, OSCE, OSCP, CompTIA Security + or similar certification.

Licensures And Certifications:

Position would be expected to have licensure or professional certifications appropriate to the position.  

Required:

Valid Georgia driver’s license

Essential Capabilities And Work Environment:

Working in a hazardous environment or near hazardous equipment:

Lifting Requirements:

Medium work: Exerting up to 50 pounds of force occasionally, and/or up to 10 pounds of force to move objects.  

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.