OT Cybersecurity Engineer

This Opportunity

This is an exciting opportunity to join WSP’s Critical & Emerging Technology team within the national Transit & Rail practice. This role focuses on delivering OT cybersecurity engineering, assessments, supplier/OEM compliance reviews, and architecture support for transit and rail systems including CBTC, SCADA, PTC, traction power, fleet charging, and safety-critical infrastructure.

This may include safeguarding systems such as signaling, SCADA, traction power, and fleet charging infrastructure, while championing the adoption and strategies to future proof our clients to test and validate emerging technologies that enhance safety, reliability, and performance. While it is critical for the candidate to thoroughly understand and contribute to the latest cyber standards (NIST, ISO, IEC, and FTA), the role requires the individual to lead engaging conversations with our clients about what the future of transit may hold and how best to prepare. The role will work closely with our established WSP US Properties & Buildings Cybersecurity team as well as the global WSP Cybersecurity community. Deep cybersecurity expertise within the Transportation sector can be found in our global team.

This position may be based out of any mutually agreed upon East Coast Office with New York, NY as a preferred location.

Your Impact

Core Technical Responsibilities

• Conduct OT cybersecurity risk assessments, threat modeling, and vulnerability evaluations aligned with IEC 62443, TS 50701, NIST 800‑82/53, and relevant transit/rail standards.
• Review supplier/OEM cybersecurity documentation such as SSPs, IRAs, DCRAs, zoning/conduit models, SBOM/HBOM, and patch management plans.
• Support secure OT system and network architecture development including segmentation, DMZ design, boundary protection, and access control strategies.
• Assist with OT asset inventory, system baselining, and network visibility activities to improve cybersecurity situational awareness.
• Develop and recommend mitigation strategies, corrective actions, and cybersecurity controls for identified risks and vulnerabilities.
• Support cybersecurity testing, commissioning, and configuration validation for OT systems, including controllers, network devices, and field hardware.

Project Support Responsibilities

• Contribute to cybersecurity procurement documentation including scopes, requirements, and acceptance criteria.
• Support development of cybersecurity master plans, monitoring strategies, and operational security documentation.
• Participate in OT tabletop exercises and incident response activities in coordination with client teams.

Collaboration & Coordination

• Work collaboratively with engineering, systems integration, operations, and safety teams across project life cycles.
• Provide clear technical documentation and contribute to stakeholder communication as required.

Who You Are

Required Qualifications

• Bachelor’s degree in engineering, cybersecurity, computer science, or a related field.
• 7- 10+ years of OT cybersecurity experience, including 3+ years in transit, rail, or critical infrastructure environments.
• Hands‑on experience with rail/transit OT systems (CBTC, SCADA, PLCs, traction power, tunnel ventilation, fire/life safety, fleet charging, V2I/V2X, and related systems).
• Deep knowledge of relevant cybersecurity standards including IEC 62443, TS50701, IEC 63452, NIST 800‑82/53, ISO frameworks, UNECE, TS, and APTA guidelines.
• Demonstrated expertise in threat modeling, penetration testing, and OT network security; experience securing OTA, remote diagnostics, and air‑gapped environments.
• Familiarity with OT security tools and monitoring technologies (e.g., Nozomi, Claroty, Dragos, protocol analysis tools).
• Professional certifications such as CISSP, GICSP, ISA/IEC, and/or CompTIA Security+.
• Strong communication, stakeholder engagement, and technical writing skills for client-facing environments.
• Experience supporting cybersecurity-related compliance for U.S. transit regulatory bodies (FTA, FRA, TSA).
• Ability to work independently and collaboratively across disciplines, delivering cybersecurity solutions in complex operational environments.
• Understanding of OT logging, telemetry, and secure event collection requirements used to support monitoring, detection, and incident response.

Preferred Qualifications

• Master’s degree in systems engineering or cybersecurity.
• Demonstrated success in management consulting or advisory roles.
• Long-standing experience in the cybersecurity sector with a preference within the Transportation market.
• Successful candidates will be able to confidently speak, lead client-facing meetings, and attend prominent industry committees.
• Deep experience with rail communications networks related to OT threats and vulnerabilities. Specifically, system familiarity should include SCADA, PLCs, and industrial systems used in transit infrastructure.
• Specific examples and lessons learned from cybersecurity projects showcasing understanding of the latest frameworks and standards, threat detection and prevention best practices
• Knowledge of secure development lifecycle and supply-chain cybersecurity practices (e.g., IEC 62443‑4‑1, firmware integrity, component assurance)

WSP Benefits

WSP provides a comprehensive suite of benefits focused on providing health and financial stability throughout the employee’s career. These benefits include coverage related to medical, dental, vision, disability, and life; retirement savings; paid sick leave; paid vacation (or other personal time); paid parental leave; and paid time off for purposes of bereavement, voting, and/or attendance at naturalization proceedings.

Compensation

Expected Salary (all locations): $102,300-$185,000.

WSP USA is providing the compensation range that the company in good faith believes it might pay and offer for this position, based on the successful applicant’s education, experience, knowledge, skills, abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.

About WSP

ABOUT US

WSP USA is the U.S. operating company of WSP, one of the world's leading engineering and professional services firms. Dedicated to serving local communities, we are engineers, planners, technical experts, strategic advisors and construction management professionals. WSP USA designs lasting solutions in the buildings, transportation, energy, water and environment markets. With more than 15,000 employees in over 300 offices across the U.S., we partner with our clients to help communities prosper.

www.wsp.com

WSP provides a flexible and agile workplace model while meeting client needs. Employees are also afforded a comprehensive suite of benefits including medical, dental, vision, disability, life, and retirement savings focused on providing health and financial stability throughout the employee’s career.

At WSP, we want to give our employees the challenges they seek to grow their careers and knowledge base. Your daily contributions to your team will be essential in meeting client objectives, goals and challenges. Are you ready to get started?

WSP USA (and all of its U.S. companies) is an Equal Opportunity Employer Race/Age/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Disability or Protected Veteran Status.

The selected candidate must be authorized to work in the United States.