OT Cyber Security Engineer

Senior OT Cyber Security Engineer

Winterthur, SwitzerlandYour Responsibilities • Implement and integrate cybersecurity controls directly into products and operational technology (OT) systems, working shoulder to shoulder with hardware, firmware, and software engineering teams

• Configure and harden industrial devices, controllers, gateways, and networks: secure boot, hardening baselines, account and credential management, logging, patch and vulnerability handling

• Build and maintain network segmentation, firewall rules, secure remote access, and monitoring setups across OT environments

• Carry out threat modelling and risk analyses on real designs, then turn findings into concrete engineering tasks and verifiable requirements

• Set up and run security testing as part of the development cycle: vulnerability scanning, fuzzing, penetration testing, and review of SAST/DAST results, including triage and follow-up with developers

• Contribute to incident response and forensics activities when security events occur in the field

• Help align engineering work with IEC 62443, ISO 27001, and emerging requirements such as NIS2 and the CRA

Your Background • University degree (ETH / Uni / FH or equivalent) in computer science, electrical engineering, embedded systems, or a related technical discipline

• Several years of hands-on engineering experience in cybersecurity for OT, ICS, or embedded systems, ideally in industrial automation, transportation, energy, or similar

• Comfortable getting into the weeds: configuring devices, writing scripts, reading code, debugging network traffic, and working directly on hardware

• Practical experience with Linux, network configuration, packet capture and analysis (Wireshark, tcpdump), and at least one scripting language (Python, Bash)

• Working knowledge of firewalls, IDS/IPS, VPNs, and segmentation in industrial contexts

• Good understanding of OT-specific constraints: availability, safety, long lifecycles, legacy systems, and limited patching windows

• Exposure to IEC 62443 and related standards is a plus, but practical engineering instinct matters more than certifications

• Structured and pragmatic, with the ability to explain technical risk clearly to fellow engineers and project stakeholders

• Fluent in German and English

For more info reach out to Randy at 041 588 12 86 or randy@summitag.ch