Cyber Security Lead -OT

Job Summary

The Cyber Security Manager (Operational Technology) is a senior‑level, hands‑on technical leader responsible for designing, implementing, and maintaining advanced OT cybersecurity architectures across critical energy‑sector environments. The role focuses on secure OT network design, hardening of control‑system platforms, and guiding engineering and operations teams in deploying resilient security controls. The manager leads OT security architecture initiatives including network segmentation, secure remote access, ICS/SCADA protection, asset visibility, endpoint security, and threat detection. The position also supports essential governance activities, ensuring alignment with NIST frameworks and NERC CIP requirements while balancing operational reliability and safety. The role collaborates closely with engineering, operations, compliance, and SOC teams and may oversee contractors, vendors, or project teams. Occasional travel to operational sites may be required.

Job Responsibilities

• Design, implement, and maintain secure OT network architecture aligned with the Purdue Enterprise Reference Model.
• Lead segmentation and zoning initiatives to isolate critical control systems and reduce lateral movement risk.
• Partner with engineering and operations teams to validate network designs, firewall rulesets, and secure remote‑access pathways.
• Lead OT security projects from design through implementation, ensuring alignment with operational requirements.
• Drive deployment and optimization of OT asset‑discovery and visibility platforms to maintain an accurate, real‑time inventory of OT devices.
• Support site assessments, asset inventory validation, and baseline development for OT environments.
• Lead OT focused incident response, including detection, triage, containment, and recovery for cyber events affecting control systems.
• Collaborate with SOC teams to tune detection logic, integrate OT telemetry, and incorporate IC‑specific threat intelligence into monitoring workflows.
• Oversee identity and access controls for OT systems, including RBAC, least privilege models, and separation of duties.
• Align OT security architecture and controls with NIST CSF.
• Support compliance with NERC CIP standards, providing technical input during audits, evidence collection, and remediation planning.

Job Specific Qualifications

• Bachelor's degree and 8 years of relevant cyber security experience.
• In lieu of a degree, 12 years of cyber experience.
• Expertise designing and implementing secure network architecture; experience with OT network architecture design and the Purdue Model is a plus.
• Strong knowledge of network segmentation, zoning, DMZ design, and secure remote access principles.
• Skilled in endpoint hardening, secure configuration, and patch management strategies tailored to operational constraints, familiarity with CIS benchmarks.
• Experience conducting vulnerability assessments across OT infrastructure.
• Strong capability in response, including triage, containment, and recovery.
• Experience designing and implementing identity and access controls including RBAC, least privilege models, and separation of duties.
• Proficiency with SIEM technologies, alert analysis, and event correlation.
• Department of Energy's regulation 10 CFR 810 is required.

Desired Qualifications

• Experience deploying and managing OT asset discovery and visibility platforms (Dragos, Claroty, etc.).
• Understanding of operational constraints, safety requirements, and change management processes in OT environments.
• Experience with OT baselining tools (e.g., Tripwire, Industrial Defender).
• Experience in a NERC CIP regulated OT environment.
• ISC2 Certified Information Systems Security Professional (CISSP).
• Additional OT relevant certifications such as GICSP, GRID, or ISA/IEC 62443.

Additional Requirements

• Approximately 5% travel required.
• NERC CIP position – requires NERC CIP background investigation prior to start.

Security Clearance and Eligibility

Some positions at PSEG require access to information covered by the Department of Energy's regulation 10 CFR 810 (Part 810). If applicable, the successful applicant must prove eligibility as a U.S. citizen, lawful permanent resident, or a citizen of a “Generally Authorized” destination. Eligibility details are provided in the federal regulations.

Benefits

Employees scheduled 20+ hours per week receive comprehensive benefits, including medical, dental, vision, paternal and family leave programs, behavioral health programs, 401(k) with company match, life insurance, tuition reimbursement, and generous paid time off.

Employment Policies

PSEG is not offering visa sponsorship for this position. Employees may be required to perform extended hours or work on unfamiliar sites during storm or outage restoration efforts. Drug and alcohol testing is required for all roles, including pre‑employment, for cause, and post‑incident testing. Employees in federally regulated roles are subject to random testing, inclusive of marijuana; CBD product use may result in a positive test and is not a legitimate medical explanation.

Equal Opportunity & Accommodations

PSEGLI is an equal‑opportunity employer, dedicated to a policy of non‑discrimination in employment based on any legally protected characteristic, including race, color, religion, national origin, sex, age, marital status, sexual orientation, disability, or veteran status. PSEGLI is committed to providing reasonable accommodations to individuals with disabilities. For accommodation requests, please contact 973‑430‑3845 or email Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in the hiring decision.