Operational Technology (OT) Cybersecurity Analyst
Indexed description
Our team's well-being is paramount, and we reflect this commitment through our flexible work environment and exceptional company culture. By joining RMC, you become a key contributor to our mission – Assuring Tomorrow!
When you join RMC, you'll experience a range of benefits, including:
- Comprehensive health, vision, and dental insurance plans fully covered for employees
- Subsidized dependent health care coverage
- Participation in our Annual Bonus Program
- Life insurance policy equivalent to 1x your annual salary.
- Company paid short and long-term disability
- Cell phone reimbursement of $65 per month
- 401(k) Plan with contributions
- A 401(k) Safe Harbor Employer Contribution Program, which includes a 3% contribution
Essential Functions
- Perform vulnerability and risk assessments for operational technology supporting critical infrastructure
- Perform vulnerability analysis using threat and hazard data and documents results in reports or other client-required deliverables
- Identify and assess critical asset dependencies or relationships to operational technology
- Collaborate with other Analysts and subject matter experts on assessment teams to produce high quality products to clients
- Review and advise on policies, order, directives and other information sources applicable to operational technology and critical infrastructure.
- Participate and contribute to working groups or meetings with the project team as needed
- Conduct vulnerability assessments of OT assets, applying risk-based prioritization that accounts for operational impact, compensating controls, and the consequences of patching in live industrial environments
- Map identified vulnerabilities to threat actor capabilities and likelihood of exploitation to support client risk decisions
- Track remediation efforts and validate closure of identified findings
- Client Engagement & Reporting
- Serve as a day-to-day technical point of contact for assigned clients, delivering regular briefings on threat landscape changes, incident status, and security posture
- Communicate findings clearly and professionally across technical, operational, and executive stakeholder levels
- Support clients in understanding and meeting cybersecurity obligations under relevant frameworks and regulations, including NERC CIP, NIST SP 800-82, IEC 62443, TSA Security Directives, and AWIA 2018, as applicable by sector
- Assist in the development and review of OT security policies, procedures, and security plans
- Coordinate with government partners, sector ISACs (E-ISAC, WaterISAC, MS-ISAC), and peer organizations to share and receive actionable threat information
- Collaborate with internal red team, engineering, and advisory practice staff to integrate findings into broader client security programs
- Participate in tabletop exercises, drills, and wargames simulating OT-targeted attack scenarios
- Stay current on emerging OT/ICS threats, vulnerabilities, and adversary campaigns through ongoing research, training, and industry engagement
- Contribute to the firm’s internal knowledge base, playbooks, and methodology development
- Significant foundational knowledge of cybersecurity principles as they apply to the OT environments of critical infrastructure industries (e.g., utility systems (electrical, water, gas, fuel etc.) and building automation systems)
- Demonstrable experience in the field of risk management, with a ability for translating complex cybersecurity requirements to actionable work plans
- Cyber supply chain risk knowledge as applicable to operational technology and critical infrastructure
- Excellent interpersonal and communication skills, capable of engaging with a spectrum of stakeholders from internal technical SMEs, executives, and administrative support staff to client decision-makers
- Proactive and inquisitive, committed to continual learning and adapting within fast-evolving industries
- Excellent writing skills, strong communication abilities, good time management and organizational skills
- Experience using Microsoft Office tools and applications such as Word, PowerPoint, Excel and SharePoint
- Work confidently in a fast-paced environment with the ability to support multiple projects
- Ability to work independently on multiple tasks with minimal direction to meet deadlines
- Good time management and organizational skills
- Ability to work in a team environment and take initiative to help ensure team tasks are successfully completed within required timelines
- Possess strong problem-solving skills and the ability to think outside-the-box
- Ability to perform logical analysis of complex cyber issues
- Familiarity with Federal and DoW Cybersecurity policy and initiatives, and NIST guidance
- Bachelor’s degree and 5+ years of experience in the industry
- CISSP
- CompTIA Security+
- GICSP
- GRID
- Security Clearance (Optional): Obtaining a DoD Secret Clearance. Applicants selected will be subject to a government security investigation and must meet eligibility requirements for clearance level required for the job.
- Valid Passport: Possession of a current passport with a minimum of 8 months remaining until the expiration date.
- Travel Flexibility: Willingness and capability to travel, CONUS approximately 15-20% of the time. Telecommunication is authorized for this role.
- Work Environment Compliance: Commitment to maintaining a drug-free work environment, U.S. Citizenship, and possession of a valid state driver's license.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search