OT/ICS Security Engineer

A career at Resilience is more than just a job - it's an opportunity to change the future.

Resilience is a technology-focused biomanufacturing company that's changing the way medicine is made. We're building a sustainable network of high-tech, end-to-end manufacturing solutions to better withstand disruptive events, serve scientific discovery, and reach those in need.

For more information, please visit www.resilience.com

Position Summary

We are seeking an ICS Security Engineer to join our Security team as a subject matter expert and advisor on securing industrial control systems (ICS) and operational technology (OT) within pharma-manufacturing environments. You will focus on establishing security standards, assisting in the integration of secure architectures, and enhancing visibility into ICS/OT environments across manufacturing and lab processes. This role requires strong expertise in ICS/OT security, including architecture, network protocols, and industry-specific regulatory requirements. You will work closely with multiple teams to implement security best practices, ensure compliance, and drive security initiatives across our facilities.

As a hands-on engineer, you will consult with various departments to develop and implement security controls, integrate security into ICS/OT projects, and provide technical guidance to optimize manufacturing and automation processes securely. Your focus will be on advising manufacturing, automation, and IT teams while addressing unique security challenges associated with ICS/OT environments in highly regulated industries.

Responsibilities

ICS Security Standards & Secure Architecture:

• Develop and implement security standards, procedures, and best practices for ICS/OT environments.
• Provide guidance on secure deployment models and architecture patterns for ICS networks, manufacturing, and lab processes.
• Facilitate threat modeling and risk assessments for ICS systems, recommending security controls to mitigate identified risks.

Security Engineering & Observability in ICS/OT:

• Improve observability and monitoring of ICS/OT environments, collaborating with automation and IT teams to enhance visibility into security events and incidents.
• Design and implement security controls for ICS networks, including SCADA, PLCs, and other industrial devices.
• Assist in developing workflows and playbooks for incident response and security operations related to ICS/OT environments.

Cross-Functional Consulting & Collaboration:

• Act as a security advisor to departments involved in manufacturing, automation, and ICS/OT, providing guidance on security best practices and regulatory compliance.
• Work closely with the IT, manufacturing, and automation teams to ensure alignment with security policies and standards.
• Collaborate with the broader security team to integrate ICS/OT security efforts into the overall security strategy.

Engagement & Continuous Improvement:

• Engage with external entities, including industry groups and partners (e.g., MFG-ISAC, Bio-ISAC), to stay informed about evolving threats and meet customer security requirements.
• Develop "secure by design" reference architectures and compensating controls for both new and legacy ICS/OT systems.
• Stay current with the latest ICS/OT security practices, technologies, and regulations to continuously improve the security posture of manufacturing and lab environments.

Minimum Qualifications

• Substantial experience in ICS/OT security, including network architecture, risk assessment, and regulatory compliance.
• Deep understanding of ICS protocols (e.g., OPC, Modbus, BACnet) and standards (e.g., IEC 62443, Purdue Model).
• Hands-on experience with ICS/OT security tools (e.g., SIEM, intrusion detection, vulnerability management).
• Strong communication skills, with the ability to advise technical and non-technical teams effectively.

Preferred Qualifications

• Bachelor's degree in a related field (e.g., Electrical Engineering, Information Security) or equivalent work experience.
• Experience with disruptive ICS technologies and secure integration in manufacturing settings.
• Security certifications such as GIAC Global Industrial Cyber Security Professional (GICSP) or Certified SCADA Security Architect (CSSA).
• Familiarity with regulatory requirements for ICS/OT environments in pharma-manufacturing (e.g., 21 CFR Part 11).
• Familiarity with cloud integrations for ICS/OT telemetry and monitoring.

Resilience is an Equal Employment Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, physical or mental disability, genetic information, or characteristic, or other non-job-related characteristics or other prohibited grounds specified in applicable federal, state, and local laws. Requests for reasonable accommodation can be made at any stage of the recruitment process.