OT Security Engineer

Role: OT Security Engineer

Location: Prague, Hungary remote, Poland remote

Contract type: full time

About Carrier

At Carrier we make modern life possible by delivering innovative and sustainable ground-breaking systems and services that matter for people and our planet. We exceed the expectations of our customers by anticipating industry trends, working tirelessly to master and revolutionize them. This is why we come to work every day. And we do it The Carrier Way.

Join us and we can make a difference together.

About the role

The OT Security Engineer is responsible for securing the technologies that operate and control the organization’s critical industrial environments, including ICS, SCADA, PLCs, and other operational technology systems. This role ensures that industrial processes remain safe, reliable, and resilient by designing, implementing, and maintaining security controls across OT networks and assets. The OT Security Engineer partners closely with plant operations, engineering teams, and IT security to protect physical processes from cyber threats and support ongoing modernization of OT environments.

Benefits

We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary.

Among the many benefits, Carrier offers Exciting innovative environment, possibility for further development and international career opportunities, high-profile team, daily use of English and other foreign languages, language courses, Competitive remuneration and other benefits (meal vouchers, contribution to life or pension insurance, holidays etc.), Flexible working hours, possibility for home office, sick days.

Requirements

• 3–7+ years of experience in cybersecurity, industrial control systems, OT engineering, or related technical fields. 
• Hands-on experience with ICS/OT technologies such as SCADA systems, PLCs, DCS platforms, or industrial automation networks. 
• Understanding of OT networking concepts (Modbus, DNP3, OPC, BACnet, Profinet, EtherNet/IP). 
• Familiarity with OT security frameworks such as ISA/IEC 62443 or NIST 800-82. 
• Experience with one or more OT security platforms (Nozomi, Dragos, Claroty, etc.). 
• Strong troubleshooting skills in operational environments with high availability and safety requirements. 
• Experience implementing segmentation, firewalls, and DMZs for OT networks. 
• Knowledge of industrial protocols, vendor equipment (Rockwell/Allen-Bradley, Siemens, Schneider, Emerson), or SCADA platforms. 
• Experience with incident response in ICS environments. 
• Ability to write or review PLC logic (Ladder Logic, Function Block, Structured Text) is a plus. 
• Certifications such as GICSP, GRID, ISA/IEC 62443 Cybersecurity Certificates, CCNA/CCNP, or CISSP. 
• Strong communication and cross-functional skills; ability to work in safety-critical manufacturing or industrial environments. 

Responsibilities

OT Security Engineering & Architecture

• Design, implement, and maintain security controls for OT/ICS environments, including SCADA, PLCs, HMIs, engineering workstations, and plant networks. 

• Develop OT security architecture aligned with the Purdue Model, ISA/IEC 62443, and company security standards. 

• Support secure network segmentation between IT and OT, including firewalls, DMZs, and remote access solutions. 

Threat Detection, Monitoring & Incident Response

• Deploy and maintain OT monitoring tools (e.g., Nozomi, Claroty, Dragos) to identify anomalous behavior and potential intrusions. 

• Investigate security alerts related to industrial assets and support incident response activities within OT environments. 

• Analyze OT network traffic and develop detection logic for ICS-specific threats. 

Vulnerability & Risk Management

• Perform risk assessments on OT systems, control networks, and industrial equipment. 

• Identify and prioritize vulnerabilities in OT assets, including legacy systems with limited patching options. 

• Recommend compensating controls where traditional IT security techniques are not feasible. 

OT Asset & Configuration Management

• Maintain accurate inventory of OT assets, communication flows, and dependencies. 

• Assist in securing PLC logic, firmware, HMI configurations, and industrial device backups. 

• Collaborate with plant/operations engineers on secure configuration baselines for control system components. 

Secure Operations & Modernization

• Support secure integration of IIoT devices, sensors, and industrial automation technologies. 

• Evaluate third-party vendor solutions, remote support connections, and contractor access. 

• Provide engineering guidance during OT system upgrades, lifecycle replacements, and modernization projects. 

Cross-Team Collaboration

• Work directly with operations, plant maintenance, network engineers, and cybersecurity teams to ensure OT environments meet safety and security requirements. 

• Communicate risks and recommended safeguards to non-technical stakeholders in manufacturing and operational groups. 

Our commitment to you

Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way.

Join us and make a difference.

Apply Now!

Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Job Applicant's Privacy Notice:

Click on this link to read the Job Applicant's Privacy Notice