We are guided by our passion to transform the way we power our world. Achieving our goals requires creativity, diversity of ideas and backgrounds, and building trust to effect change and move with speed.

Fluence currently has thousands of MW of energy storage projects operated or awarded worldwide in addition to the thousands of MW of projects managed by our trading platform—and we are growing every day.

Fluence is defined by its unwavering commitment to safety, quality, and integrity.

We achieve our goals and meet our customer’s needs by cultivating curiosity, adaptability, and self-reflection in our teams.

We value the diversity in thought and experience of our coworkers and customers. Through honest, forthcoming, and respectful communications we work to ensure that Fluence is an inclusive and welcoming environment for all. 

Operational Technology (OT) Cyber Security Engineer - Industrial Control Systems (ICS)

Job Description:

We are seeking an experienced Operational Technology (OT) Cyber Security Engineer with a specialized focus on Industrial Control Systems (ICS). In this role, you will play a critical part in ensuring the security and resilience of our OT environment, with a primary emphasis on SDLC and product security of software components used in our ICS.

Key Responsibilities:

1. SDLC Security Integration: Collaborate with cross-functional teams to integrate security measures into the Software Development Life Cycle (SDLC). Ensure security requirements are identified, implemented, and validated throughout all stages of software development.

2. Product Security Assurance: Conduct comprehensive security assessments, vulnerability testing, and code reviews for software components utilized in our Industrial Control Systems. Identify potential vulnerabilities and design flaws, and provide recommendations for remediation and mitigation.

3. Secure Code Development: Assist software development teams in adopting secure coding practices, including adherence to coding standards, secure libraries usage, and effective input validation techniques.

4. Threat Modeling: Perform threat modeling exercises to identify potential attack vectors and security weaknesses in software components. Work proactively to address these threats during the development process.

5. Incident Response: Collaborate with the Incident Response team to investigate and respond to any security incidents related to ICS software components. Provide technical expertise to support incident analysis and recovery efforts.

6. Security Awareness Training: Conduct training sessions to raise awareness among OT and development teams about potential cyber threats and best practices in ICS security.

7. Regulatory Compliance: Stay updated on relevant industry regulations and standards (e.g., NERC CIP, IEC 62443) to ensure compliance and alignment with best practices.

8. Risk Assessment: Assist in conducting risk assessments of software components and ICS environments, identifying and prioritizing potential security risks.

9. Security Documentation: Create and maintain technical documentation related to security assessments, vulnerability findings, and recommended remediation measures.

10. Continuous Improvement: Actively participate in the continuous improvement of security processes, methodologies, and tools used in the OT cyber security program.

Qualifications and Experience:

- Bachelor's degree in Computer Science, Cyber Security, or a related field. A Master's degree is a plus.

- Proven experience (3-5+ years) working in OT cyber security, with a focus on Industrial Control Systems and related software components.

- Solid understanding of SDLC and secure software development practices.

- Hands-on experience with vulnerability assessment tools, penetration testing, and security analysis tools specific to ICS environments.

- Familiarity with relevant ICS-related standards and regulations (e.g., NERC CIP, IEC 62443).

- Proficiency in programming languages commonly used in ICS environments (e.g., C, C++, Java, Python).

- Certifications such as CISSP, GIAC GICSP, or related credentials are highly desirable.

- Strong analytical and problem-solving skills with an ability to think critically and innovatively in complex cyber security scenarios.

- Excellent communication and interpersonal skills, able to work collaboratively and effectively across teams.

If you have a passion for securing critical infrastructure and a strong background in OT cyber security with expertise in Industrial Control Systems, we invite you to apply for this impactful role and contribute to the safety and reliability of our operational technology environment.