Skip to content
mimi

Senior OT Cyber Security Engineer

Summit Recruitment AG

On-site Full-time Senior 1mo ago

About the role

Your Responsibilities

  • Implement and integrate cybersecurity controls directly into products and operational technology (OT) systems, working shoulder to shoulder with hardware, firmware, and software engineering teams
  • Configure and harden industrial devices, controllers, gateways, and networks: secure boot, hardening baselines, account and credential management, logging, patch and vulnerability handling
  • Build and maintain network segmentation, firewall rules, secure remote access, and monitoring setups across OT environments
  • Carry out threat modelling and risk analyses on real designs, then turn findings into concrete engineering tasks and verifiable requirements
  • Set up and run security testing as part of the development cycle: vulnerability scanning, fuzzing, penetration testing, and review of SAST/DAST results, including triage and follow-up with developers
  • Contribute to incident response and forensics activities when security events occur in the field
  • Help align engineering work with IEC 62443, ISO 27001, and emerging requirements such as NIS2 and the CRA

Your Background

  • University degree (ETH / Uni / FH or equivalent) in computer science, electrical engineering, embedded systems, or a related technical discipline
  • Several years of hands-on engineering experience in cybersecurity for OT, ICS, or embedded systems, ideally in industrial automation, transportation, energy, or similar
  • Comfortable getting into the weeds: configuring devices, writing scripts, reading code, debugging network traffic, and working directly on hardware
  • Practical experience with Linux, network configuration, packet capture and analysis (Wireshark, tcpdump), and at least one scripting language (Python, Bash)
  • Working knowledge of firewalls, IDS/IPS, VPNs, and segmentation in industrial contexts
  • Good understanding of OT-specific constraints: availability, safety, long lifecycles, and legacy systems, and limited patching windows
  • Exposure to IEC 62443 and related standards is a plus, but practical engineering instinct matters more than certifications
  • Structured and pragmatic, with the ability to explain technical risk clearly to fellow engineers and project stakeholders
  • Fluent in German and English

Skills

BashCybersecurityDASTEmbedded SystemsFirewallsFuzzingHardwareIEC 62443ICSIDS/IPSIndustrial AutomationISO 27001LinuxNIS2OTPenetration TestingPythonSASTSegmentationThreat ModelingVulnerability ScanningVPNsWireshark

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free