ICS Cybersecurity Engineer/Segmentation/RA

Responsibilities

We are seeking a highly skilled and innovative ICS Cybersecurity Engineer/Segmentation/RA to join our team in the greater DMV area, supporting the Army National Guard.

 

Responsibilities

• Design secure segmentation architectures for ICS/OT environments using zoning, conduits, and access‑control strategies aligned with IEC 62443 and NIST SP 800‑82.
• Conduct risk assessments evaluating exposure, safety impacts, threat vectors, and potential operational consequences for industrial control systems.
• Develop mitigation strategies, firewall/ACL policies, network isolation controls, and secure remote access designs to reduce lateral movement and operational disruption.
• Create and validate segmentation diagrams, data‑flow models, and conduit definitions to support secure integration of ICS/OT with enterprise networks.
• Produce remediation roadmaps, technical risk reports, and prioritized POA&Ms that support resilience and regulatory/compliance requirements.
• Coordinate with control system engineers, network teams, SOC/CIRT, and safety stakeholders to validate designs and minimize safety/availability impacts.
• Oversee testing and validation of segmentation controls (risk acceptance tests, functional verification, failover behavior) in lab and production staging environments.
• Maintain configuration/change records, evidence for audits, and documentation supporting accreditation and continuous monitoring.
• Mentor engineering teams on ICS security best practices and integration of segmentation into lifecycle processes.

#ENOCS

Qualifications

Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
  • Relevant DoD/military training (examples: F07DZZ1; M03385G; M10395B; M223854; A‑531‑0021; W‑250‑0750; A‑150‑1980; A‑102‑8484; A‑150‑1250; A‑150‑1940A; A‑150‑1941; A‑150‑1903; A‑102‑3131; A‑150‑1855; A‑150‑1940; A‑113‑0205; A‑113‑0175; A‑113‑0018; A‑113‑0382; A‑113‑0027; A‑113‑0383; A‑113‑0202; A‑113‑0233; DISA (451) Training (Linux/Windows); System Administrator (Intermediate) Playlist); OR
  • Relevant professional certification or equivalent experience (examples: CompTIA Cloud+; GICSP; GSEC; Security+; SSCP).

• Required experience and skills:

  • Cybersecurity, network, or ICS/OT engineering experience with at least 3 years designing/implementing segmentation or network security for industrial/control environments.
  • Deep knowledge of IEC 62443, NIST SP 800‑82, ICS protocols, safety considerations, and impact of security controls on availability and safety.
  • Hands‑on experience authoring firewall/ACL policies, conduit definitions, zone architecture, and secure remote access designs for OT/ICS.
  • Proven ability to perform technical risk assessments, produce remediation roadmaps, and coordinate cross‑functional mitigation efforts.
  • Experience validating segmentation through testing (packet traces, functional tests) and integrating telemetry into SOC/CIRT detection workflows.
  • Strong documentation skills for architecture diagrams, change records, and audit/evidence artifacts.

• Desired:

  • Prior DoD/industrial control/utility or ARNG ICS/OT security experience.
  • Experience with industrial network devices, protocol analyzers, and secure gateway/DMZ implementations for ICS.
  • Familiarity with safe failover testing, control‑system vendor constraints, and coordinating security with safety engineers.

#ENOCS

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.