The IT Analyst, Operational Technology (OT) and Cyber is responsible for the oversight of Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) environments, and the protection of operational technology assets from cyber threats. This role focuses on identifying vulnerabilities, monitoring security events, supporting incident response, and ensuring the resilience of critical infrastructure systems in use by the Operating Services Company.
The IT Analyst works closely with internal and Operating Company engineering, IT, operations, and compliance teams to strengthen cybersecurity across industrial environments while maintaining system availability, safety, and regulatory compliance.
Monitor the Service Providers performance of managing the OT environments for cyber threats, anomalies, and suspicious activity using security tools and platforms and consult with, and advise, the Service Providers OT group for any issues observed.
Analyze alerts and incidents affecting industrial systems, including SCADA, PLCs, HMIs, DCS, and related infrastructure.
Conduct risk assessments and vulnerability reviews for OT assets and industrial networks. Partner with the OT Cyber group to ensure all incidents are fully investigated and appropriate response measures are taken to remediate risks.
Support incident response efforts for cybersecurity events impacting operational environments.
Assist in developing, documenting and maintaining OT cybersecurity policies, standards, and procedures to minimize system risks and vulnerabilities.
Collaborate with engineering and operations teams to resolve issues, implement security controls and assist in the annual testing for the OT environments with minimal disruption to production.
Maintain accurate and current asset inventories, network diagrams, and system baselines for OT environments.
Evaluate and recommend security technologies for industrial systems.
Participate in security audits, compliance assessments, and regulatory reporting.
Track emerging OT cyber threats, vulnerabilities, and industry best practices and provide recommendations on what practices should be modified to ensure LIPA and the service provider align with best practices.
Support disaster recovery, business continuity, and resilience planning for operational systems.
Perform other related duties, as necessary.
Bachelors degree in Cybersecurity, Information Technology, Engineering, Computer Science, or related field or equivalent experience.
Three (3) years of experience in cybersecurity, industrial control systems, or operational technology environments.
Must possess at least one (1) of the following industry certifications: GIAC GICSP, CISSP, Security+, or ISA/IEC 62443 certifications.
Knowledge of Windows, Linux, and embedded industrial systems.
Familiarity with network segmentation, zero trust principles, and secure remote access solutions.
Knowledge of OT/Industrial Control Systems (ICS) protocols such as Modbus, DNP3, OPC, IEC 61850, or similar.
Familiarity with SCADA systems, PLCs, Remote Terminal Units (RTUs), and industrial networking concepts.
Understanding of cybersecurity frameworks such as NIST, ISA/IEC 62443, or NERC CIP.
