Job Description

The Lead Engineer – Operational Technology Network Security is responsible for designing, implementing, maintaining, and continuously improving security controls that protect operational technology environments, industrial networks, distribution center systems, and connected devices. This role serves as a subject matter expert for OT network segmentation, secure architecture, threat detection, vulnerability management, incident response, and compliance across enterprise operational environments. The position partners closely with Information Security, Infrastructure, Network Engineering, Distribution Center Operations, Facilities, Engineering, and business leaders to ensure OT environments are resilient, compliant, and aligned with enterprise security standards.

Primary Responsibilities

• Leads the design, implementation, and ongoing maintenance of security controls across operational technology networks, distribution center environments, industrial control systems, building automation systems, IoT devices, and connected operational platforms.

• Develops, refines, and implements OT security policies, procedures, standards, and reference architectures across multiple industrial, network, cloud, and application environments to meet internal and external compliance responsibilities.

• Oversees maintenance of service-level agreements and control performance expectations to ensure OT network security services, monitoring capabilities, and response activities are operating effectively.

• Partners with business, IT, engineering, facilities, and operations leaders to communicate OT security risks, evaluate business impact, and respond to requests for technical guidance, assistance, and information.

• Coordinates with network engineers, infrastructure teams, systems administrators, and site operations teams to ensure OT servers, network devices, industrial systems, and security devices conform to enterprise security standards and are operating as designed.

• Reviews technical and functional design documents and provides security architecture guidance for OT networks, network segmentation, remote access, identity and access management, secure connectivity, and data flows between IT and OT environments.

• Builds, maintains, and implements cybersecurity, network security, data security, and cloud-integrated security solutions that protect physical and intangible company assets.

• Serves as a subject matter expert for OT network security, including Purdue Model architecture, network segmentation, secure remote access, firewall policy, industrial protocol considerations, asset visibility, and compensating controls for legacy systems.

• Monitors, analyzes, and communicates emerging cyber threats, vulnerabilities, exploits, and adversary techniques relevant to OT environments, distribution centers, network infrastructure, and connected operational technologies.

• Provides technical support to network administrators and systems administrators, monitors and maintains current infrastructure, improves system performance, and automates security administration where appropriate.

• Responds to security alerts involving OT or network environments, escalates critical incidents to appropriate support teams, and participates in incident response exercises, tabletop exercises, and remediation efforts.

• Analyzes security metrics, operational control data, and KPIs to generate insights for executive and technical leadership review.

• Provides security briefings and technical recommendations to advise stakeholders on critical issues that may affect enterprise operations, distribution center availability, network resilience, or regulatory compliance.

• Consults with business and technical teams on the security impact of proposed technology, configuration, process, or architectural changes within OT and industrial network environments.

• Collaborates with product, engineering, operations, and information systems teams to ensure security requirements are embedded in technology lifecycle activities, including design, deployment, maintenance, and decommissioning.

• Provides technical guidance, coaching, and mentorship to Engineers I/II/III and other team members in executing tasks and responsibilities related to information security and OT network security.

• Supports audits, assessments, and compliance activities related to OT security, network security, cyber risk, information security standards, and applicable regulatory or customer requirements.

Education, Skillsets and Knowledge Qualifications

Education:

• Bachelor’s Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience.

Preferred Certifications:

• Global Industrial Cyber Security Professional (GICSP)

• GIAC Response & Industrial Defense (GRID)

• ISA/IEC 62443 Cybersecurity Certificate or related ISA/IEC 62443 certifications

• Certification in Information Security Strategy Management (CISM)

• Certified Information Systems Security Professional (CISSP)

• CompTIA Security + Certification

• Cisco Certified Network Designations (CCNA, CCNP, CCIE)

Work Experience:

• 6+ years of directly-related or relevant experience, preferably in information security.

Behavioral Skills:

• Conflict Resolution

• Creativity & Innovation

• Decision Making

• Planning

• Presentation Skills

Technical Skills:

• Operational technology and industrial network security

• Network architecture, routing, switching, firewalling, VPN, IDS/IPS, proxies, and secure remote access

• OT network segmentation, Purdue Model architecture, zones and conduits, zero trust, and defense-in-depth

• Industrial cybersecurity frameworks and standards, including ISA/IEC 62443, NIST SP 800-82, NIST CSF, ISO 27001, PCI, and SOX where applicable

• Industrial protocols and environments such as Modbus, BACnet, OPC, Ethernet/IP, PROFINET, SCADA, PLCs, HMIs, and building automation systems

• Threat modeling, root cause analysis, vulnerability management, patch risk assessment, compensating controls, and exception management

• Identity and access management for privileged and remote access in OT environments

• Incident response, cyber operations, threat hunting, monitoring, and logging for hybrid IT/OT environments

• Cloud-connected OT and IoT/IIoT security considerations

• Security governance, compliance assessments, risk acceptance processes, and third-party risk reviews

• Business continuity, disaster recovery, and resilience considerations for operational environments

Tools Knowledge:

• Microsoft Office Suite

• Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.

• OT and industrial security monitoring platforms such as Armis, Nozomi Networks, Claroty, Dragos, Microsoft Defender for IoT, or equivalent technologies

• Firewall and network platforms such as Palo Alto Networks, Fortinet, Cisco, Check Point, or equivalent technologies

• Ticketing, workflow, documentation, and collaboration tools

• Scripting or query languages such as Python, PowerShell, SQL, KQL, JavaScript, HTML/CSS, or equivalent tools used for automation, reporting, and analysis

What Cencora offers

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora

Full time

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Affiliated Companies

Affiliated Companies: AmerisourceBergen Services Corporation