SR
Senior OT Cyber Security Engineer
Summit Recruitment AG
On-site Full-time Senior 1mo ago
About the role
Your Responsibilities
- Implement and integrate cybersecurity controls directly into products and operational technology (OT) systems, working shoulder to shoulder with hardware, firmware, and software engineering teams
- Configure and harden industrial devices, controllers, gateways, and networks: secure boot, hardening baselines, account and credential management, logging, patch and vulnerability handling
- Build and maintain network segmentation, firewall rules, secure remote access, and monitoring setups across OT environments
- Carry out threat modelling and risk analyses on real designs, then turn findings into concrete engineering tasks and verifiable requirements
- Set up and run security testing as part of the development cycle: vulnerability scanning, fuzzing, penetration testing, and review of SAST/DAST results, including triage and follow-up with developers
- Contribute to incident response and forensics activities when security events occur in the field
- Help align engineering work with IEC 62443, ISO 27001, and emerging requirements such as NIS2 and the CRA
Your Background
- University degree (ETH / Uni / FH or equivalent) in computer science, electrical engineering, embedded systems, or a related technical discipline
- Several years of hands-on engineering experience in cybersecurity for OT, ICS, or embedded systems, ideally in industrial automation, transportation, energy, or similar
- Comfortable getting into the weeds: configuring devices, writing scripts, reading code, debugging network traffic, and working directly on hardware
- Practical experience with Linux, network configuration, packet capture and analysis (Wireshark, tcpdump), and at least one scripting language (Python, Bash)
- Working knowledge of firewalls, IDS/IPS, VPNs, and segmentation in industrial contexts
- Good understanding of OT-specific constraints: availability, safety, long lifecycles, and legacy systems, and limited patching windows
- Exposure to IEC 62443 and related standards is a plus, but practical engineering instinct matters more than certifications
- Structured and pragmatic, with the ability to explain technical risk clearly to fellow engineers and project stakeholders
- Fluent in German and English
Skills
BashCybersecurityDASTEmbedded SystemsFirewallsFuzzingHardwareIEC 62443ICSIDS/IPSIndustrial AutomationISO 27001LinuxNIS2OTPenetration TestingPythonSASTSegmentationThreat ModelingVulnerability ScanningVPNsWireshark
Don't send a generic resume
Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.
Get started free