Remote Operations Center OT Security Analyst
Black & Veatch · Overland Park, KS · 1 wk ago
HybridInformation TechnologyFull-time
About the role
The Remote Operations Center (ROC) Security Analyst protects critical industrial systems (ICS/SCADA) from cyber threats by monitoring networks, managing vulnerabilities in PLC/HMI devices, and enforcing security policies. This position is based out of the Black & Veatch World Headquarters in Overland Park, Kansas.
Responsibilities
- Monitor OT/ICS network traffic and system logs to detect, triage, and analyze security threats using specialized tools.
- Identify, assess, and prioritize vulnerabilities, working with engineering teams to remediate threats without disrupting production.
- Develop and maintain detailed inventories of OT assets, including network diagrams and configurations.
- Support incident investigations, evidence collection, and forensic analysis of security breaches within industrial systems.
- Interface with multiple parties for identification, diagnosis, and resolution of site operations and maintenance problems, including the site O&M team, site owner, regulatory agencies, site IT team, Remote operators, and B&V leadership.
- Engage in multiple aspects of ROC responsibilities including communications with clients as well as internal team members to maintain contractual obligations.
- Follow process and procedures for both site-specific projects and the Remote Operations Center.
- Stand watch in rotational shiftwork developed in coordination with the ROC Manager.
- Aid Monitoring & Diagnostics (M&D) teams using predictive analytics for proactive monitoring of power generation, renewables, process industries, and generation assets.
- Help mentor and develop less experienced team members.
- Performs day-to-day execution of assigned OT/ICS security monitoring, analysis, and incident response activities in accordance with procedures, playbooks, and escalation protocols.
- Plans and prioritizes assigned work to meet operational requirements and contractual commitments; provides timely status updates and communicates risks, issues, and dependencies to the ROC Manager and relevant stakeholders.
- Prepares and maintains accurate and complete records and deliverables (e.g., alerts, incident tickets, reports, procedures, and evidence) consistent with quality standards and applicable regulatory, contractual, and audit requirements.
- Identifies opportunities to improve detection coverage, logging, asset inventory accuracy, and operational procedures; recommends and implements approved enhancements in alignment with established change management practices.
- Collaborates with OT engineering, site operations and maintenance, and IT/security teams to coordinate remediation and security changes, with consideration for safety, reliability, and production continuity.
Qualifications
- High School Diploma Required
- 3+ years of experience in both IT and industrial, manufacturing, or critical infrastructure environments preferred.
- Previous experience related to Battery Storage, Solar, Wind, Simple Cycle Thermal Generation, or Combined Cycle Thermal Generation.
- Demonstrated knowledge of Power Plant systems and processes.
- Basic knowledge of NERC responsibilities.
- Basic knowledge of construction and constructability practices and principles.
- Experience with PLC, RTU, or DCS components and protocols.
- Familiarity with OT-specific security tools (e.g., Dragos, Nozomi, Claroty).
- Understanding of Purdue model network architecture and firewalls.