• Architect the trust layer as the Lead Security Engineer • Configure Auth0 and AWS infrastructure • Own SOC 2 and ISO 27001 programs • Conduct internal pentests and vulnerability scans • Maintain internal risk register and assist Front-line teams

• Organizational responsibility for a Product Security Workstream and all products within that workstream • Ensure all DPMs are in line with the OBD Model • Take on the most complex Discovery and Framing sessions • Drive empirical approach, so data drives solutioning • Incorporate existing products and third party to speed up delivery • Partner across organizational boundaries to deliver cohesive solutions • Build enterprise roadmaps across programs and workstreams • Grow DPMs and drive a maturation of product behaviors within the organization • Develop new workstreams and identify new products within workstreams • Formalize controls built into the Control Library • Partner with Enterprise Risk and Resilience to ensure Control Library resolves enterprise risk

At GrayMatter, we transform operations and empower people. Our consulting, implementation and technology curation services help industrial companies modernize their production environments and support operators working on the plant floor. Clients collaborate with GrayMatter to achieve their manufacturing efficiency goals, create intuitive data visualizations, reduce cybersecurity threats and guide successful digital transformation initiatives. And that’s where you come in. GrayMatter is dedicated to creating a team of unmatched talent in industrial technology. Our organizational culture encourages opportunities to learn and collaborate. Five core values woven into our DNA make Team GrayMatter stand above the rest: Accountability, Integrity, Respect, Innovation and Teamwork. We are seeking a specialized OT Field Cybersecurity Engineer to join our team, focusing on securing complex Industrial Control Systems (ICS) and bridging the security gap between Operational Technology (OT) and traditional IT networks. This role requires expert-level networking skills and deep familiarity with industrial standards (e.g., ISA 62443, NERC CIP), industrial protocols, and critical OT architecture like the Purdue Model. The position requires above average attention to details, concern for the exact correctness of work, and strong commitment to tasks completed on time. Location: - This role is remote with the expectation of frequent, independent, local travel (up to 50%) to clients and project sites in the Richmond, VA area. General Job Duties: - Design, consult, and provide recommendations for securing Industrial Control System (ICS) and Operational Technology (OT) networks and systems, in addition to traditional IT environments. - Execute cybersecurity risk and vulnerability assessments for customers utilizing an industry leading methodology, with a focus on OT environments. - Troubleshooting of advanced cyber-security solutions to resolve customer issues. - Consult with clients to holistically solve networking and security challenges. - Develop solutions internally and through partners to solve identified security challenges. - Work with solution architects to develop project scopes for solving client challenges. Knowledge, Skills and Experience Needed: - Bachelor's degree in a technical discipline (Electrical/Computer Engineering, Information Science, Computer Science) OR a minimum of 8 years of relevant experience working in the field. Required: Operational Technology (OT) Expertise - Fundamental understanding of Operational Technologies (OT) such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI, and Distributed Control Systems (DCS). - Fundamental understanding of the Purdue Reference Model for Industrial Control System (ICS) cybersecurity. - Familiarity and understanding of industrial standards and frameworks such as ISA 62443 (required) and NERC CIP. - Fundamental understanding of industrial protocols and interoperability: CIP, DNP3, Ethernet/IP, OPC-UA, MODBUS, MQTT, etc. - Industrial Control Systems (ICS) / Operational Technology (OT) experience is a plus. Required: Core Networking & Security Foundation - Expert networking skills include the ability to troubleshoot all layers of OSI model. - Must possess a broad knowledge related to IT infrastructures. - Familiarity and understanding of enterprise standards and frameworks such as IEC 27001, NIST SP 800, and/or NIST CSF. Our Ideal Candidate: - Enjoy solving problems, researching solutions, and thinking outside the box. - Is comfortable talking tech with a CTO or explaining cyber-security 101 to the sales department. - Embraces teamwork, collaboration, brainstorming, and working together towards common goals. - Can balance competing demands and manage multiple priorities with ease. - Advocates for our clients with a solid commitment to customer service and follow-through. Featured Benefits: - Medical, dental, and vision insurance beginning day one of employment - Employer paid short term disability and life insurance - 401(k) with up to 4% company match - Paid holidays, paid time off, and paid parental leave - Additional benefits available such as long term disability, accident, critical illness, hospital indemnity, EAP, telemedicine, HSA and FSA

At GrayMatter, we transform operations and empower people. Our consulting, implementation and technology curation services help industrial companies modernize their production environments and support operators working on the plant floor. Clients collaborate with GrayMatter to achieve their manufacturing efficiency goals, create intuitive data visualizations, reduce cybersecurity threats and guide successful digital transformation initiatives. And that’s where you come in. GrayMatter is dedicated to creating a team of unmatched talent in industrial technology. Our organizational culture encourages opportunities to learn and collaborate. Five core values woven into our DNA make Team GrayMatter stand above the rest: Accountability, Integrity, Respect, Innovation and Teamwork. We are seeking a specialized Senior OT Network Engineer to join our team, focusing on securing complex Industrial Control Systems (ICS) and bridging the security gap between Operational Technology (OT) and traditional IT networks. This role requires expert-level networking skills and deep familiarity with industrial standards (e.g., ISA 62443, NERC CIP), industrial protocols, and critical OT architecture like the Purdue Model. The position requires above average attention to details, concern for the exact correctness of work, and strong commitment to tasks completed on time. Location: - This role is remote with the expectation of frequent, independent, local travel (up to 50%) to clients and project sites in the Richmond, VA area. General Job Duties: - Design, consult, and provide recommendations for securing Industrial Control System (ICS) and Operational Technology (OT) networks and systems, in addition to traditional IT environments. - Execute cybersecurity risk and vulnerability assessments for customers utilizing an industry leading methodology, with a focus on OT environments. - Troubleshooting of advanced cyber-security solutions to resolve customer issues. - Consult with clients to holistically solve networking and security challenges. - Develop solutions internally and through partners to solve identified security challenges. - Work with solution architects to develop project scopes for solving client challenges. Knowledge, Skills and Experience Needed: - Bachelor's degree in a technical discipline (Electrical/Computer Engineering, Information Science, Computer Science) OR a minimum of 10 years of relevant experience working in the field. Required: Operational Technology (OT) Expertise - 10+ years of experience in Operational Technologies (OT) such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI, and Distributed Control Systems (DCS). - Fundamental understanding of the Purdue Reference Model for Industrial Control System (ICS) cybersecurity. - Familiarity and understanding of industrial standards and frameworks such as ISA 62443 (required). - Fundamental understanding of industrial protocols and interoperability: CIP, DNP3, Ethernet/IP, OPC-UA, MODBUS, MQTT, etc. - Industrial Control Systems (ICS) / Operational Technology (OT) experience is a plus. Required: Core Networking & Security Foundation - Expert networking skills include the ability to troubleshoot all layers of OSI model. - Must possess a broad knowledge related to IT infrastructures. - Familiarity and understanding of enterprise standards and frameworks such as IEC 27001, NIST SP 800, and/or NIST CSF. Our Ideal Candidate: - Enjoy solving problems, researching solutions, and thinking outside the box. - Is comfortable talking tech with a CTO or explaining cyber-security 101 to the sales department. - Embraces teamwork, collaboration, brainstorming, and working together towards common goals. - Can balance competing demands and manage multiple priorities with ease. - Advocates for our clients with a solid commitment to customer service and follow-through. Featured Benefits: - Medical, dental, and vision insurance beginning day one of employment - Employer paid short term disability and life insurance - 401(k) with up to 4% company match - Paid holidays, paid time off, and paid parental leave - Additional benefits available such as long term disability, accident, critical illness, hospital indemnity, EAP, telemedicine, HSA and FSA