MODEC

OT Cybersecurity Specialist

MODEC

full-time

Posted on:

Location Type: Hybrid

Location: Rio de JaneiroBrazil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cyber SecurityFirewallsIoT

About the role

  • Act as the technical focal point for OT cybersecurity across all FPSO operations, ensuring compliance with company governance, MODEC policies, and relevant standards (IEC 62443, NIST CSF, ISO 27019, IEC 61511).
  • Maintain and update the OT asset inventory (controllers, HMIs, servers, safety systems, network devices) and their configurations; control and document all configuration and software changes.
  • Manage OT equipment change control processes (Management of Change - MOC), ensuring cybersecurity and safety impacts are assessed, validated and authorized prior to implementation.
  • Administer and maintain OT networks and security infrastructure, including firewalls, IDS/IPS, zones/conduits and gateways to ensure segmentation, performance and compliance.
  • Oversee access control management for users, services and devices; enforce the principle of least privilege, audit access logs and control vendor remote access and the use of removable media (USB drives, HDDs, SSDs, etc.).
  • Perform continuous monitoring of cybersecurity events and alerts; coordinate detection, response and recovery of incidents aligned with global IT and OT cybersecurity, SOC and offshore Systems Technicians procedures.
  • Conduct vulnerability assessments and manage patching activities, balancing operational continuity, system safety and cybersecurity risk.
  • Implement and monitor encryption controls, key management and backup/recovery processes; validate business continuity and disaster recovery readiness through regular testing.
  • Support incident investigations and root cause analysis (RCA) for OT or cybersecurity events, ensuring corrective and preventive actions are implemented.
  • Execute compliance, assurance and audit activities, maintaining evidence for IEC 62443 certification, corporate governance and regulatory inspections.
  • Prepare and present cybersecurity performance reports (KPIs, incidents, compliance status) to asset owners, the OIM and corporate OT cybersecurity.
  • Coordinate with operations, maintenance, IT, vendors and corporate security to ensure secure OT–IT integration and vendor interventions are compliant.
  • Support digitalization and Industry 4.0 initiatives, ensuring cybersecurity controls are embedded in edge computing platforms, IoT and data analytics solutions.
  • Monitor emerging threats, Zero‑Trust security approaches and evolving standards to continuously improve FPSO cybersecurity resilience.
  • Drive continuous improvement of OT cybersecurity procedures, detection capabilities and governance documentation.
  • Participate in architecture reviews, control design and security assessments for Industry 4.0 implementations.
  • Ensure cybersecurity controls are incorporated by design into all new digital technologies deployed in OT environments.
  • Ensure ROC operations and digitalization projects comply with industry standards (e.g., IEC 62443, NIST CSF) and corporate cybersecurity policies.
  • Maintain oversight of remote monitoring, alerts and incident response to ensure safe and reliable operations.
  • Collaborate with functional safety engineers and SIS owners to align cybersecurity risks so they do not compromise Safety Integrity Levels (SIL).
  • Promote cyber awareness among operations and maintenance personnel, emphasizing safe practices for maintenance, bypass procedures and SIS replacement management.

Requirements

  • Education and Certifications:
  • - Degree in Electrical Engineering or related fields (Control and Automation Engineering, Computer Engineering, Telecommunications Engineering, Electrical Engineering, Mechatronics Engineering, Software Engineering, Communication Networks Engineering);
  • - Computer Science, Information Systems, or other related degrees.
  • Preferred Certifications:
  • - GICSP (Global Industrial Cyber Security Professional)
  • - CISSP (Certified Information Systems Security Professional)
  • - CISM (Certified Information Security Manager)
  • - CEH (EC-Council Certified Ethical Hacker)
  • - CISA (Certified Information Systems Auditor) or similar
  • - ISA/IEC 62443 Cybersecurity Specialist/Expert
  • - Functional Safety Engineer (advantage)
  • - ICS/SCADA cybersecurity courses from OEMs/vendors with practical hands-on experience.
  • Experience:
  • - Minimum of 5 years in OT/ICS cybersecurity, preferably in oil & gas, marine or FPSO environments;
  • - Strong experience with industrial control system architectures (e.g., DCS, PLC, SCADA, SIS, F&G);
  • - Practical knowledge of industrial communication protocols (Modbus, OPC, Ethernet/IP, Profibus, etc.);
  • - Familiarity with implementation of the IEC 62443 lifecycle and incident management frameworks;
  • - Ability to analyze logs, alerts and security events from OT and IT monitoring platforms;
  • - Comprehensive knowledge of OT cybersecurity standards and classification societies (IEC 62443, NIST 800-82, ISO 27001/27019, ABS, DNV, IOGP).
Benefits
  • Meal and food vouchers
  • Life insurance
  • Private pension
  • Profit sharing
  • Comprehensive health and dental plan covering dependents
  • Childcare/babysitting assistance for all employees with children, according to company policy
  • Gym subsidy, available to dependents
  • Provision of a baby stroller, according to company policy
  • Mental health program
  • Health monitoring support for employees with chronic illnesses
  • Lactation room for nursing employees in our offices
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
OT cybersecurityvulnerability assessmentsencryption controlsincident responsechange control processesconfiguration managementcontinuous monitoringrisk assessmentdata analyticsindustrial communication protocols
Soft Skills
collaborationcommunicationpresentationanalytical thinkingproblem-solvingcontinuous improvementcyber awareness promotionleadershiporganizational skillsroot cause analysis
Certifications
GICSPCISSPCISMCEHCISAISA/IEC 62443 Cybersecurity Specialist/ExpertFunctional Safety EngineerICS/SCADA cybersecurity courses