• Organizational responsibility for a Product Security Workstream and all products within that workstream • Ensure all DPMs are in line with the OBD Model • Take on the most complex Discovery and Framing sessions • Drive empirical approach, so data drives solutioning • Incorporate existing products and third party to speed up delivery • Partner across organizational boundaries to deliver cohesive solutions • Build enterprise roadmaps across programs and workstreams • Grow DPMs and drive a maturation of product behaviors within the organization • Develop new workstreams and identify new products within workstreams • Formalize controls built into the Control Library • Partner with Enterprise Risk and Resilience to ensure Control Library resolves enterprise risk

At GrayMatter, we transform operations and empower people. Our consulting, implementation and technology curation services help industrial companies modernize their production environments and support operators working on the plant floor. Clients collaborate with GrayMatter to achieve their manufacturing efficiency goals, create intuitive data visualizations, reduce cybersecurity threats and guide successful digital transformation initiatives. And that’s where you come in. GrayMatter is dedicated to creating a team of unmatched talent in industrial technology. Our organizational culture encourages opportunities to learn and collaborate. Five core values woven into our DNA make Team GrayMatter stand above the rest: Accountability, Integrity, Respect, Innovation and Teamwork. We are seeking a specialized OT Field Cybersecurity Engineer to join our team, focusing on securing complex Industrial Control Systems (ICS) and bridging the security gap between Operational Technology (OT) and traditional IT networks. This role requires expert-level networking skills and deep familiarity with industrial standards (e.g., ISA 62443, NERC CIP), industrial protocols, and critical OT architecture like the Purdue Model. The position requires above average attention to details, concern for the exact correctness of work, and strong commitment to tasks completed on time. Location: - This role is remote with the expectation of frequent, independent, local travel (up to 50%) to clients and project sites in the Richmond, VA area. General Job Duties: - Design, consult, and provide recommendations for securing Industrial Control System (ICS) and Operational Technology (OT) networks and systems, in addition to traditional IT environments. - Execute cybersecurity risk and vulnerability assessments for customers utilizing an industry leading methodology, with a focus on OT environments. - Troubleshooting of advanced cyber-security solutions to resolve customer issues. - Consult with clients to holistically solve networking and security challenges. - Develop solutions internally and through partners to solve identified security challenges. - Work with solution architects to develop project scopes for solving client challenges. Knowledge, Skills and Experience Needed: - Bachelor's degree in a technical discipline (Electrical/Computer Engineering, Information Science, Computer Science) OR a minimum of 8 years of relevant experience working in the field. Required: Operational Technology (OT) Expertise - Fundamental understanding of Operational Technologies (OT) such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI, and Distributed Control Systems (DCS). - Fundamental understanding of the Purdue Reference Model for Industrial Control System (ICS) cybersecurity. - Familiarity and understanding of industrial standards and frameworks such as ISA 62443 (required) and NERC CIP. - Fundamental understanding of industrial protocols and interoperability: CIP, DNP3, Ethernet/IP, OPC-UA, MODBUS, MQTT, etc. - Industrial Control Systems (ICS) / Operational Technology (OT) experience is a plus. Required: Core Networking & Security Foundation - Expert networking skills include the ability to troubleshoot all layers of OSI model. - Must possess a broad knowledge related to IT infrastructures. - Familiarity and understanding of enterprise standards and frameworks such as IEC 27001, NIST SP 800, and/or NIST CSF. Our Ideal Candidate: - Enjoy solving problems, researching solutions, and thinking outside the box. - Is comfortable talking tech with a CTO or explaining cyber-security 101 to the sales department. - Embraces teamwork, collaboration, brainstorming, and working together towards common goals. - Can balance competing demands and manage multiple priorities with ease. - Advocates for our clients with a solid commitment to customer service and follow-through. Featured Benefits: - Medical, dental, and vision insurance beginning day one of employment - Employer paid short term disability and life insurance - 401(k) with up to 4% company match - Paid holidays, paid time off, and paid parental leave - Additional benefits available such as long term disability, accident, critical illness, hospital indemnity, EAP, telemedicine, HSA and FSA

At GrayMatter, we transform operations and empower people. Our consulting, implementation and technology curation services help industrial companies modernize their production environments and support operators working on the plant floor. Clients collaborate with GrayMatter to achieve their manufacturing efficiency goals, create intuitive data visualizations, reduce cybersecurity threats and guide successful digital transformation initiatives. And that’s where you come in. GrayMatter is dedicated to creating a team of unmatched talent in industrial technology. Our organizational culture encourages opportunities to learn and collaborate. Five core values woven into our DNA make Team GrayMatter stand above the rest: Accountability, Integrity, Respect, Innovation and Teamwork. We are seeking a specialized Senior OT Network Engineer to join our team, focusing on securing complex Industrial Control Systems (ICS) and bridging the security gap between Operational Technology (OT) and traditional IT networks. This role requires expert-level networking skills and deep familiarity with industrial standards (e.g., ISA 62443, NERC CIP), industrial protocols, and critical OT architecture like the Purdue Model. The position requires above average attention to details, concern for the exact correctness of work, and strong commitment to tasks completed on time. Location: - This role is remote with the expectation of frequent, independent, local travel (up to 50%) to clients and project sites in the Richmond, VA area. General Job Duties: - Design, consult, and provide recommendations for securing Industrial Control System (ICS) and Operational Technology (OT) networks and systems, in addition to traditional IT environments. - Execute cybersecurity risk and vulnerability assessments for customers utilizing an industry leading methodology, with a focus on OT environments. - Troubleshooting of advanced cyber-security solutions to resolve customer issues. - Consult with clients to holistically solve networking and security challenges. - Develop solutions internally and through partners to solve identified security challenges. - Work with solution architects to develop project scopes for solving client challenges. Knowledge, Skills and Experience Needed: - Bachelor's degree in a technical discipline (Electrical/Computer Engineering, Information Science, Computer Science) OR a minimum of 10 years of relevant experience working in the field. Required: Operational Technology (OT) Expertise - 10+ years of experience in Operational Technologies (OT) such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, RTUs, HMI, and Distributed Control Systems (DCS). - Fundamental understanding of the Purdue Reference Model for Industrial Control System (ICS) cybersecurity. - Familiarity and understanding of industrial standards and frameworks such as ISA 62443 (required). - Fundamental understanding of industrial protocols and interoperability: CIP, DNP3, Ethernet/IP, OPC-UA, MODBUS, MQTT, etc. - Industrial Control Systems (ICS) / Operational Technology (OT) experience is a plus. Required: Core Networking & Security Foundation - Expert networking skills include the ability to troubleshoot all layers of OSI model. - Must possess a broad knowledge related to IT infrastructures. - Familiarity and understanding of enterprise standards and frameworks such as IEC 27001, NIST SP 800, and/or NIST CSF. Our Ideal Candidate: - Enjoy solving problems, researching solutions, and thinking outside the box. - Is comfortable talking tech with a CTO or explaining cyber-security 101 to the sales department. - Embraces teamwork, collaboration, brainstorming, and working together towards common goals. - Can balance competing demands and manage multiple priorities with ease. - Advocates for our clients with a solid commitment to customer service and follow-through. Featured Benefits: - Medical, dental, and vision insurance beginning day one of employment - Employer paid short term disability and life insurance - 401(k) with up to 4% company match - Paid holidays, paid time off, and paid parental leave - Additional benefits available such as long term disability, accident, critical illness, hospital indemnity, EAP, telemedicine, HSA and FSA

Company Information Clinical Ink is the global life science company that brings data, technology, and patient science together to unlock clinical discovery. Our deep therapeutic-area expertise, coupled with Direct Data Capture, eCOA, eConsent, telehealth, neurocognitive testing, and digital biomarkers advancement, drive the industry standard for data precision and usher in a new generation of clinical trials. With offices in Philadelphia, PA, Winston Salem, NC, and Iowa City, IA, Clinical Ink is rewriting the clinical development experience. Job Description Clinical Ink is seeking an Information Security Engineer to join our IT team based remotely across the United States. The Information Security Engineer will be responsible for safeguarding Clinical Ink’s systems, networks, and data against internal and external threats. This role ensures compliance with security standards and established SOPs, manages security controls, leads incident response efforts, and supports security audits. The ideal candidate will have strong technical expertise, a proactive approach to threat mitigation and system hardening, and the ability to collaborate across teams to maintain a robust security posture. The Information Security Engineer's responsibilities include: - Implement and maintain security policies, standards, and procedures aligned with established security frameworks and regulatory requirements. - Conduct internal and external security audits and risk assessments. - Manage and maintain the IT risk register - Manage user access controls, authentication mechanisms, and periodic access reviews. - Monitor security alerts from tools such as Arctic Wolf, Sentinel One, and SIEM platforms. - Lead incident response activities, including identification, containment, eradication, recovery, root cause analysis, and post-incident review. - Maintain and improve incident response playbooks. Conduct and document Incident Response Tabletop exercises. - Configure and maintain firewalls, intrusion detection/prevention systems, and endpoint protection solutions. - Ensure secure configurations for servers, laptops, and mobile devices. - Perform regular vulnerability scans and penetration tests - Coordinate and manage annual penetration testing. - Coordinate remediation efforts for identified vulnerabilities and risks. - Collaborate with IT teams to ensure timely patching and system updates - Manage security awareness programs and phishing campaigns for employees and contractors. - Maintain SOPs for security processes and incident response. - Align security processes and practices with established security standards and frameworks. - Document security architecture, processes, and incident reports for audits and management reviews. Qualifications - Bachelor’s degree in Computer Science, Information Technology, or related field. - 5+ years of experience in security engineering or related roles. - Certifications such as CISSP, CompTIA Security+, or AWS/Azure Security Specialty a plus. - Hands-on experience with security tools such as firewalls, SIEM, and endpoint protection. - Knowledge of ISO 27001, NIST, and other security frameworks. - Knowledge of AWS cloud center operations, network engineering, enterprise applications, security, and production support. - Hands-on experience in AWS or Azure infrastructure and cloud management. - Hands-on experience with scripting languages (e.g. Python, PowerShell, Bash, etc.). - Hands-on experience with CI/CD Pipelines and Terraform. - Prior experience in the Life Sciences industry preferred. - Demonstrated critical thinking skills and ability to plan at a strategic, global level. - Strong leadership and technical skills. - Ability to communicate complex technical topics to a wide variety of audiences. Additional Information Clinical ink is an equal opportunity employer and does not discriminate against otherwise qualified applicants on the basis of race, color, creed, religion, ancestry, age, sex, marital status, national origin, disability or handicap, or veteran status. www.clinicalink.com