Job Description: Anywhere Type: Permanent Category: Security Industry: Government Workplace Type: Remote Reference ID: JN -042026-106569 Date Posted: 04/26/2026 Shortcut: http://careers.eliassen.com/EYewvM - Description - Recommended Jobs Description: Description: Remote Our client seeks an Operational Technology Security Engineer to secure industrial and OT environments through the design, implementation, and monitoring of controls aligned to DoD and industry standards. The engineer will assess risk, harden architectures, and integrate cybersecurity across the OT system lifecycle. The role will bridge IT and OT practices, support inspections and incident response, and deliver analytics to inform leadership decisions. Salary: $110,000 - $135,000/ yr. w2 Responsibilities: - Support planning, design, development, testing, integration, and security of OT systems. - Analyze and implement OT cybersecurity requirements and controls. - Conduct vulnerability assessments across OT and IT systems, networks, applications, and databases. - Develop, maintain, and validate cybersecurity documentation and artifacts. - Manage and track POA&M entries, including remediation actions and timelines. - Perform OT-specific risk assessments and recommend mitigation strategies. - Support DoD cybersecurity inspections and ensure environment readiness. - Deploy and tune OT security monitoring solutions including IDS, IPS, and anomaly detection. - Develop and implement OT-specific incident response plans. - Manage software and firmware updates while minimizing operational disruption. - Generate cybersecurity reports, analytics, and trend analysis for leadership. - Bridge IT and OT cybersecurity practices to ensure aligned protections. - Provide technical recommendations to engineers, operators, and leadership. - Support compliance with industry and regulatory cybersecurity standards. - Build automated workflows for vulnerability management and reporting. Experience Requirements: - Minimum seven years of experience in OT cybersecurity or a related field. - Experience supporting DoD or federal cybersecurity environments (preferred). - Hands-on experience with industrial control systems and OT environments. - Strong knowledge of OT systems including SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices. - Experience with OT communication protocols such as Modbus/TCP, DNP3, BACnet, and IEC 61850. - Understanding of secure OT network architectures including segmentation, firewalls, and IDS/IPS. - Knowledge of secure remote access solutions for OT environments. - Experience with vulnerability scanning tools such as ACAS, Nessus, Qualys, Forescout, and EyeInspect. - Familiarity with cybersecurity frameworks including NIST CSF, ISA/IEC 62443, and NERC CIP. - Understanding of DoD cybersecurity requirements including STIGs, IAVMs, and configuration guides. - Experience with patch management and change management processes. - Ability to conduct forensic analysis within OT environments. - Proficiency with Microsoft Excel, Access, Power BI, and Power Platform. - Strong analytical, problem-solving, and research skills. - Excellent written and verbal communication skills. - Ability to work independently and in team environments. - Active DoD Secret Clearance. - Training module or course completion in Forescout. Education Requirements: - One of the following certifications: 300 - ICS Cybersecurity; AWS Certified Solutions Architect - Associate; GIAC Certified Windows Security Administrator (GCWN); Infoblox Core DDI Configuration and Administration; ISA Certified Control System; Microsoft Certified: Azure Administrator Associate; Microsoft Certified Solutions Associate Windows Server 2016; Microsoft 365 Certified: Messaging Administrator Associate; MS 2016 Active Directory Identity and Networking; Oracle Cloud Infrastructure Foundations 2020 Certified Associate; OCI Cloud Infrastructure Foundations Associate 2025 Exam. - And one of the following certifications: CCNA Security; CompTIA CySA+; GICSP; CompTIA Security+ CE; CND; SSCP. Recruitment Transparency Notice Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team (noreply@eliassen.com, 781-808-2924) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group’s use of these tools, including AI tools, as part of the application and hiring process. Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range. W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality. If anyone reaches out to you about an open position connected with Eliassen Group, please ensure that you are working directly with us by confirming the following: · When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc. · Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact fraud@eliassen.com. About Eliassen Group: Eliassen Group is a strategic consulting firm that helps organizations reach further and achieve more through our technology, business advisory, and life sciences solutions. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients’ capacity and accelerate meaningful outcomes. We are driven by a purpose to positively impact the lives of our employees, clients, consultants, and the communities we serve. Eliassen is committed to building a diverse and inclusive team from a variety of backgrounds, perspectives, and skills. We are an Equal Opportunity and Affirmative Action Employer and all employment decisions are based on merit, performance, and business needs. Eliassen does not discriminate on the basis of race, color, gender identity or expression, sexual preference or orientation, sex (including pregnancy, childbirth, and related medical conditions), marital status, creed, religion, physical or mental disability, genetic information, military or veteran status, age, ancestry, national origin, citizenship status, prohibited criminal record inquiries of applicants and employees, or any other category protected by federal, state, or local laws. Don’t miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!

• Assist with monitoring alerts and logging to identify potential threats • Support threat intelligence collection and analysis to help detect emerging cyber risks • Participate in incident triage and response activities, including evidence collection and documentation • Assist with vulnerability scanning, reporting, and remediation tracking across enterprise systems • Explore the use of generative AI tools for cyber defense, automation, documentation enhancement, or workflow enhancements • Participate in team meetings, training, and assist with documentation/process updates • Assist with system hardening, patch validation, account reviews, and CMMC related artifact gathering • Participate in cross-departmental projects and process improvement initiatives as available

Role Description Eaton’s corporate legal team is seeking a Senior Counsel to support the enterprise’s cybersecurity function. The preferred location for this position is either our corporate office in Beachwood, OH or in Moon Township, PA, but remote work from the Eastern or Central time zone is available. Some travel is expected (~10%). The Senior Counsel role will lead a cross-functional cybersecurity legal program that integrates security operations, incident response, governance, and regulatory/data privacy compliance, while advancing responsible AI security and risk management. This role serves as the legal bridge among Cybersecurity, IT, OT, Communications, HR, and Finance, ensuring the company can prevent, detect, respond to, and recover from cyber incidents and AI-related risks while meeting global legal and regulatory obligations. The leader will drive tabletop exercises, oversee policy/playbook development, guide product and enterprise security reviews, and act as a primary legal cyber advisor to executives during IT/OT security and AI governance events. Key Responsibilities - Incident Readiness & Response - Own the legal aspects of the enterprise incident response (IR) program including preparation, detection, response, recovery, and lessons learned; manage executive ready IR playbooks that clearly define roles functions. - Contribute by assisting with the planning, deployment, and debriefing tabletop exercises with internal teams and outside firms; track remediation items through to closure and report outcomes to senior leadership and the board. - Serve as on call executive advisor for material incidents, coordinating with security operations center, corporate event response team, outside counsel, insurers, regulators, and law enforcement as needed. - Ensure eDiscovery, privilege, and regulatory timeline considerations are embedded in IR workflows (e.g., notification triggers, insurer engagement). - Coordinate with Engineering and IT on AI incident reporting obligations under emerging regulations. - Security Governance, Risk & Compliance - Contribute to cross functional Cybersecurity/IT/OT governance forums; align policy and standards with Zero Trust, identity, network, cloud, and OT security programs. - Oversee policy lifecycle (draft, socialize, approve, measure), including AI security monitoring standards and privacy by design controls in partnership with Data Protection Privacy teams. - Direct risk assessments for major programs and products; track risk treatment plans and KRIs/KPIs in collaboration with GRC and Internal Audit. - Regulatory & Global Counsel Integration - Act as the executive point of contact for global cybersecurity and data protection laws (e.g., U.S. sectoral rules, EU NIS2/GDPR, China’s Cybersecurity Law), coordinating with regional counsel and external advisors to interpret obligations and translate them into operational controls. - Lead regulatory response readiness (notifications, supervisory inquiries, exam prep) and ensure documentation/attestations are accurate and defensible. - Track and interpret AI-related regulatory developments (EU AI Act, U.S. state AI laws) and translate them into actionable compliance requirements. - Enterprise & Product Security Reviews - Co-lead Cyber Product Review and security architecture gates for enterprise platforms and customer facing products/solutions; drive decision logs, actions, and risk acceptance processes with accountable owners (IT, Engineering, Product, Legal). - Expand Cyber Product Reviews to include AI risk assessments for products and internal tools; ensure secure model deployment and vendor risk evaluations. - Ensure integration, vulnerability management, and cloud security roadmaps; report progress, risks, and dependencies through executive dashboards. - Stakeholder Engagement & Communication - Provide board/C suite briefings on AI risk and cyber posture, material risks, control maturity, and incident updates, including emerging threats and compliance obligations; craft clear, business outcome focused narratives. - Partner with Corporate Communications to prepare proactive/reactive statements and media strategies as part of IR planning and exercises. - Coach and enable business/function leaders to own cyber risk within their domains. Qualifications - Juris Doctorate; licensed and in good standing to practice in at least one state - Experience working in a global law firm and a global corporation (in-house counsel) - Minimum of ten (10) years in cybersecurity, cyber risk, incident response, or closely related domains, with significant cross functional leadership. - Demonstrated experience leading complex incidents/tabletops and working directly with outside counsel/insurers/regulators. - Up to 10% travel - Eaton will not consider applicants for employment immigration sponsorship or support for this position. Preferred Qualifications - Certifications: CISSP, CISM, CISA, CCSP, or relevant privacy credentials (e.g., CIPP/E, CIPP/US, CIPM). - Experience with OT security governance and enterprise Zero Trust transformations. - Experience working within a complex, multinational company. - Experience within a manufacturer or other highly-engineered, physical product-based organization helpful. Skills - Strong command of global cyber/data protection frameworks - Proven ability to translate legal/regulatory obligations into executable controls and measurable program outcomes. - Executive presence; excellent written/oral communication with board level stakeholders. Benefits - Competitive pay and a variety of benefit programs for eligible employees. - The expected annual salary range for this role is $182,000 - $266,000 a year. - This role is also eligible for a variable incentive program.

• Design and implement security controls for cloud, platform, and deployment systems, with a focus on secure defaults and durable risk reduction. • Partner with platform, SRE, and infrastructure teams to review architecture and infrastructure changes, identify security risks, and drive practical remediation plans. • Build and improve automation for infrastructure security, including controls for cloud IAM, Kubernetes and container environments, secrets handling, and infrastructure-as-code workflows. • Identify and remediate systemic weaknesses such as misconfigurations, exposed services, weak trust boundaries, and insecure defaults in production environments. • Support infrastructure vulnerability management by helping prioritize findings, validate fixes, and improve how issues are detected and prevented over time. • Help assess and improve security controls for AI-assisted developer workflows and GenAI-enabled systems, including agentic tooling, coding assistants, and internal AI integrations that interact with production or sensitive environments. • Respond to production security issues, investigate root causes using logs, dashboards, and system context, and contribute follow-up improvements that strengthen the platform. • Contribute to team effectiveness by documenting patterns, participating in design and code reviews, and helping raise the security quality bar across engineering.