Lead Operational Technology (OT) Cybersecurity...

We are seeking a senior or lead level OT/ICS cybersecurity technical expert with a minimum of 8 years of industry experience or equivalent. This team works closely with our government and critical infrastructure sponsors and their stakeholders to improve the cybersecurity of mission critical operational technology systems. A collaborative approach and interest in building relationships based on an understanding of our sponsors' unique missions, constraints, and opportunities is as important as specific technical skills working within OT environments. We are looking for candidates with both a breadth of cyber experience and a depth of knowledge in one or more areas listed below for direct application to our sponsors' problems:

• Working directly with government and critical infrastructure operators to develop requirements for new cyber protection technologies, perform applied research and development activities, develop operational pilots, and assist in transition to operational use.

• Developing and operationalizing cyber sensors and analytic architectures to enable more efficient and effective OT cybersecurity operations, threat-hunting, and forensic analysis. Execute technical and programmatic duties in the delivery and integration of cyber technologies into stakeholder environments.

• Conducting cyber mission dependency, criticality, mission failure, and adversary cyberattack scenario analyses to inform design of OT resilient architectures.

• Researching, developing, operationalizing, evaluating, and improving OT defensive tactics, techniques, and procedures (TTPs) for detecting and responding to cyber threats, and

• Bachelors in one of the following disciplines: Chemical Engineering, Computer Engineering, Electrical Engineering, Systems Engineering or similar technical field.

• Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years and a Master's degree; or a PhD with 3 years' experience; or equivalent combination of related education and work experience.

• Experience in multiple areas listed under Job Responsibilities.

• Applicants selected for this position will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

• Experience in OT cybersecurity, OT protocol analysis, and/or process control.

• Must be U.S. citizen able to obtain a TS clearance within 1 year of hire.

• This position requires a minimum of 50% hybrid on-site

Preferred Qualifications:

• Hands-on experience with programming PLCs, field instrumentation, in an operational or lab environment.

• Hands-on experience with configuring industrial networks and maintaining a domain in an operational or lab environment.

• Experience designing or modifying OT systems, OT network monitoring, or OT adversary emulation.

• Experience with embedded system firmware or real-time operating systems.

• Proficiency with scripting and software development language(s) (Python, Java, C/C++, JavaScript, etc.)

• Familiarity with cybersecurity policies and standards, including: NIST SP 800-82, NERC-CIP, DoD Zero Trust Strategy, IEC 62443.

• Familiarity with relevant technologies, such as Operational Technology (OT) Protocols (Modbus, DNP3, ProfiNET, etc.) and related protocols (BACnet, CAN, MIL-STD-1553, etc.) as well as development with OT related tools (ladder logic, IEC 61131, PAC Machine Edition, TIA Portal, etc.) and knowledge of security unique to OT and cyber-physical systems

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day-working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership. If this sounds like the choice you want to make, then choose MITRE - and make a difference with us. Department Summary: The CI Assessments, Analytics, and Resiliency department (L541) is focused on defending and strengthening our nation's critical infrastructure. L541 supports a full range of defensive operations and activities including threat-informed risk assessment and mitigation, adversary hunting, adversary emulation, and detection engineering with a special focus on operational technology (OT). It is the expertise in OT and knowledge of threats and security controls and techniques that differentiates the department's work from traditional information technology cybersecurity. L541 also brings this specialized knowledge to other domains of security and safety engineering including resilience engineering and infrastructure susceptibility assessments. The department is continuously developing, refining, and tailoring capabilities to meet the needs and special requirements and constraints when working with operational technologies in critical infrastructure. The department moves the state of the art in securing CI by sharing our thought leadership both within and outside of MITRE via TEMs, conferences, presentations, and publications. This is how the CI Assessments, Analytics, and Resiliency department helps create a world with safe and resilient cyber infrastructure., Copyright © 1997-2026, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.