Sentar Inc. · 1 month ago
Intermediate ICS/OT Cybersecurity Engineer
Huntsville, AL
Full-time
Onsite
Mid Level
3+ years expSentar Inc. is an employee-owned company dedicated to cybersecurity and systems engineering. They are seeking an Intermediate ICS/OT Cybersecurity Engineer to focus on the security hardening of Facility Related Control Systems and ensure compliance with UFGS standards.
AnalyticsCyber SecurityInformation ServicesInformation TechnologyIntelligent Systems
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Assist in the post-construction cybersecurity hardening of ICS/OT systems, including PLCs, SCADA, Security Systems, Fire Alarms, Electrical Panels, HVAC, and other control system components
Implement security controls and configurations in accordance with UFGS 25 05 11 requirements, including hardening operating systems to configure system boundary protection, access control, and audit logging
Run Security Content Automation Protocol (SCAP) scans to assess system compliance and identify vulnerabilities in ICS/OT environments
Apply DISA Security Technical Implementation Guides (STIGs) to harden operating systems, applications, and network devices within control system architectures
Conduct vulnerability assessments and risk analyses on control systems using various automated and manual techniques to identify and mitigate potential security gaps
Collaborate with architecture and engineering teams to ensure cybersecurity measures are integrated into system designs both pre and post-construction
Support the development, documentation, and submission of System Security Plans (SSPs), Risk Management Framework (RMF) artifacts, and compliance reports aligned with UFGS standards to achieve and maintain Authorization to Operate (ATO)
Utilize eMASS to input, track, and manage cybersecurity controls, vulnerabilities, and ATO packages under senior engineer guidance
Perform security testing (e.g., system scans, penetration testing, configuration reviews) to validate hardening measures and ensure ATO readiness
Stay up-to-date on emerging threats, vulnerabilities, and industry standards affecting ICS/OT environments
Qualification
Required
CompTIA Security+ is required
Bachelor's degree in Cybersecurity, Electrical Engineering, Computer Science, or a related field (or equivalent experience)
Basic understanding of ICS/OT protocols (e.g., Modbus, DNP3, OPC)
Familiarity with cybersecurity frameworks such as NIST 800-53, NIST 800-82, UFGS 25 05 11, and IEC 62443
Familiarity with eMASS for managing RMF workflows and generating/updating ATO documentation
Experience with network security scanning tools (e.g., ACAS, Nessus) and system hardening techniques
Knowledge of Windows and Linux operating systems in industrial environments
CISCO command line interface
Strong analytical and problem-solving abilities
Excellent communication skills for documenting findings and collaborating with cross-functional teams
Ability to work under varying degrees of supervision and learn quickly in a multi-project environment
Demonstrated ability or willingness to learn UFGS 25 05 11 compliance requirements, including hardening control system components post-construction
Basic understanding of the ATO process, including preparing systems for assessment, addressing Plan of Actions and Milestones (POA&Ms), and maintaining compliance post-authorization
Willingness to travel to project sites as needed for hands-on hardening and validation activities including international
Secret Clearance is a requirement. Must be eligible to obtain security clearance or possess an active clearance already
Travel is a requirement for this position. Locations for flyaway work can be worldwide and in very remote locations, and can be for up to 3 weeks at a time in rare cases. Common duration is 1 week onsite. Passport holders are preferred
Preferred
Active CISSP or willingness to obtain within the first year strongly preferred
3-5 years of experience in cybersecurity with direct exposure to FRCS/ICS/OT environments or control systems is preferred
Familiarity with post-construction phases of facility-related control system projects
Experience with Risk Management Framework (RMF) or DoD cybersecurity compliance processes, including ATO lifecycle management
Hands-on experience using eMASS for control implementation, documentation, or reporting
Experience running SCAP scans and applying DISA STIGs in a technical environment
Basic scripting skills (e.g., Python, PowerShell) for automation of hardening tasks
Benefits
Voluntary Medical, Dental, Vision, with Health Savings or Flexible Spending Plan options
Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options
Group Term Life, Short-Term and Long-Term Disability is provided by Sentar to all qualifying employees
Generous 401(k) match
Competitive PTO plan that graduates quickly with years of service
Other leave programs; holiday schedule along with bereavement, maternity, jury and military duty
Mental health awareness programs
Tuition reimbursement
Professional development reimbursement
Recognition and Awards programs
Company
Sentar Inc.
Sentar, an employee-owned company, is a leading cyber-intelligence solutions provider focused on the National Security sector.
201-500 employees
Funding
Current Stage
Growth StageTotal Funding
unknownKey Investors
US Department of Energy
2023-08-17Grant
2021-03-11Acquired
Leadership Team
Peter Kiss
CVO/Visionary
Stephen Pratt
Chief Information Security Officer (CISO) / Director of Programs, Cyber Risk & Compliance Sector
Recent News
2025-07-15
Company data provided by crunchbase