Senior/Staff/Principal SWE – OT Security Engineering

Remote Full-time
Job Description:
• **Secure Remote Access Platform: **Identity-bound, MFA-protected access anchored at the OT DMZ / Purdue Level 3, with session brokering, just-in-time privilege, and policy enforcement designed for industrial environments.
• **Protocol-Aware Policy Authoring: **A Protocol Registry that maps OT protocol names (Modbus TCP, DNP3, IEC 61850, OPC-UA, EtherNet/IP) to port and transport defaults, making policy authoring OT-aware without changing the underlying enforcement model.
• **Evidence and Audit Baseline: **Structured access logs capturing user identity, target, session start/end, and outcome - forwardable to Splunk, Kinesis, Datadog etc. supporting NERC CIP, IEC 62443, NIST SP 800-82, and CMMC audit requirements.
• **Session Governance: **Enforced session recording, keystroke logging, step-up authentication, and dual-authorization approval workflows for regulated and defense environments.
• **Asset Context Ingestion (Phase 2+): **API-based integration with OT visibility platforms (Dragos, Nozomi, Claroty) normalized into policy-ready attributes, without blocking access in the critical path.
• **Design and implement **backend services across AppGate's distributed architecture — Controller, Gateway, and Connector components — with a focus on OT-safe deployment patterns.
• **Build and maintain **REST and gRPC APIs supporting policy evaluation, access control, protocol registry management, and OT-specific system integrations.
• **Apply Zero Trust principles **to remote access for industrial assets, accounting for the safety, uptime, and determinism constraints of OT environments.
• **Integrate **with industrial protocols and OT asset types — PLCs, RTUs, HMIs, historians — running Modbus, DNP3, OPC-UA, Profinet, and EtherNet/IP.
• **Own features end-to-end, **from architecture through production deployment in real customer environments.
• **(Staff / Principal) **Define technical direction, lead architecture reviews, and support hiring as the OT engineering function scales.

Requirements:
• **Experience: **Hands-on background building or operating secure remote access systems — VPN, ZTNA, jump servers, privileged access, session brokers, or equivalent.
• **OT Domain Knowledge: **Direct experience in or with OT / ICS environments — manufacturing, energy, utilities, oil and gas, water, transportation, or defense.
• **Technical Fundamentals: **
• Strong systems programming in Go, Rust, or a comparable language
• Solid networking (TCP/IP, TLS, firewalls) and identity (SAML, OIDC, PKI) fundamentals
• Familiarity with the Purdue Model and IT/OT DMZ design patterns
• Working knowledge of OT protocols: Modbus, DNP3, OPC-UA, EtherNet/IP
• **Mindset: **High ownership, end-to-end accountability, comfortable in a small team where you solve problems before they become fires.

Benefits:

Apply tot his job

Apply To this Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Group Product Manager, Internal Tools and Operations

Remote

Experienced Full Stack Customer Care and Data Entry Specialist – Remote Customer Service and Digital Support at Blithequark

Remote

Senior Performance Marketing Manager, Pro Acquisition – Marketplace Supply Growth

Remote

Experienced Remote Customer Service Representative – Work From Home Opportunity with careerzynith

Remote

[Remote] Motion Designer/Editor

Remote

[Remote-Position] FedEx Remote Data Entry Jobs - Apply Now!

Remote

[Remote/WFM] Need Medical Assisting/ Adjunct Instructor

Remote

Part-Time Study Participant - High Earning Potential (Hiring Immediately)

Remote

Medical Billing Specialist

Remote

Staff Technical Program Manager (Reliability and Quality) - Remote

Remote
← Back