Senior/Staff/Principal SWE – OT Security Engineering

🕒 vor 1 Monat

🗽 New York – Remote

🗽 New York – Remote

⏰ Vollzeit

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

AppGate

WebsiteLinkedInAlle Stellen

501 - 1000 Mitarbeiter

🔒 Cybersecurity

🏢 Unternehmen

Cybersecurity • Enterprise

AppGate ist ein globales Cybersicherheitsunternehmen, das leistungsstarke Zero Trust Network Access (ZTNA)-Lösungen für Unternehmen und Regierungsbehörden anbietet. Die Plattform setzt auf identitätsbasierte, adaptive Zugangskontrollen, die mit Echtzeit-Risikobewertung, KI-gestützter Anwendungserkennung und einer direkt weitergeleiteten Architektur arbeiten, um Cloud-Engpässe zu vermeiden und in anspruchsvollen Umgebungen zu skalieren. AppGate bietet zudem professionelle Dienstleistungen und Beratung im Bereich Cybersecurity an — einschließlich Simulation von Angreifern, Penetrationstests und Risikoanalysen für Drittanbieterzugriffe — um Organisationen bei der Implementierung und Operationalisierung von Zero Trust-Kontrollen zu unterstützen.

Beschreibung

• **Secure Remote Access Platform: **Identity-bound, MFA-protected access anchored at the OT DMZ / Purdue Level 3, with session brokering, just-in-time privilege, and policy enforcement designed for industrial environments. • **Protocol-Aware Policy Authoring: **A Protocol Registry that maps OT protocol names (Modbus TCP, DNP3, IEC 61850, OPC-UA, EtherNet/IP) to port and transport defaults, making policy authoring OT-aware without changing the underlying enforcement model. • **Evidence and Audit Baseline: **Structured access logs capturing user identity, target, session start/end, and outcome - forwardable to Splunk, Kinesis, Datadog etc. supporting NERC CIP, IEC 62443, NIST SP 800-82, and CMMC audit requirements. • **Session Governance: **Enforced session recording, keystroke logging, step-up authentication, and dual-authorization approval workflows for regulated and defense environments. • **Asset Context Ingestion (Phase 2+): **API-based integration with OT visibility platforms (Dragos, Nozomi, Claroty) normalized into policy-ready attributes, without blocking access in the critical path. • **Design and implement **backend services across AppGate's distributed architecture — Controller, Gateway, and Connector components — with a focus on OT-safe deployment patterns. • **Build and maintain **REST and gRPC APIs supporting policy evaluation, access control, protocol registry management, and OT-specific system integrations. • **Apply Zero Trust principles **to remote access for industrial assets, accounting for the safety, uptime, and determinism constraints of OT environments. • **Integrate **with industrial protocols and OT asset types — PLCs, RTUs, HMIs, historians — running Modbus, DNP3, OPC-UA, Profinet, and EtherNet/IP. • **Own features end-to-end, **from architecture through production deployment in real customer environments. • **(Staff / Principal) **Define technical direction, lead architecture reviews, and support hiring as the OT engineering function scales.

🎯 Anforderungen

• **Experience: **Hands-on background building or operating secure remote access systems — VPN, ZTNA, jump servers, privileged access, session brokers, or equivalent. • **OT Domain Knowledge: **Direct experience in or with OT / ICS environments — manufacturing, energy, utilities, oil and gas, water, transportation, or defense. • **Technical Fundamentals: ** • Strong systems programming in Go, Rust, or a comparable language • Solid networking (TCP/IP, TLS, firewalls) and identity (SAML, OIDC, PKI) fundamentals • Familiarity with the Purdue Model and IT/OT DMZ design patterns • Working knowledge of OT protocols: Modbus, DNP3, OPC-UA, EtherNet/IP • **Mindset: **High ownership, end-to-end accountability, comfortable in a small team where you solve problems before they become fires.