Job Description

Who We Are:

Headquartered in Canada with locations across the United States and around the globe with a footprint on six continents, Bulletproof, a GLI company has decades of technology, security, and compliance expertise. Bulletproof's work in the security space has been recognized nationally and globally with Microsoft's global Security Partner of the Year?in 2021 and the Microsoft Security Trail-Blazer Award in 2024.



At Bulletproof, our vision is to serve, secure, and empower the world through people and technology; one customer at a time. We believe everyone has the right to feel safe and secure. Our mission is to serve and protect organizations to ensure their success.

What we have to offer:

Challenging Work - We love solving highly complex problems. Across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they're passionate about. Great People - We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success. Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large. Diversity, Equity and Inclusion - We celebrate each other's differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen.

Position Summary:

As organizations increasingly converge IT (Information Technology) and OT (Operational Technology) environments, the need for specialized OT cybersecurity expertise within the Security Operations Center (SOC) is critical. OT includes the hardware and software systems that monitor and control industrial equipment, assets, and processes--such as SCADA, PLCs, and DCS--in industries like manufacturing, energy, and utilities. The OT Security Expert will play a pivotal role in developing and delivering SOC monitoring services tailored to the unique risks and requirements of OT environments.

Responsibilities:

Service Development & Implementation

Lead the design, development, and implementation of the SOC OT security monitoring service from the ground up, including defining architecture, selecting technologies, establishing processes, and ensuring alignment with industry best practices and organizational requirements. Work internally with technical and non-technical resources to develop a Go-to-market ready service. Lead the onboarding of new customers to the service.

Risk Assessment & Control Implementation

Proactively identify, assess, and document key cybersecurity risks relevant to OT environments. Implement and validate controls to mitigate identified OT risks.

Integration & Testing

Lead integration testing of new cybersecurity controls with OT and IT security systems. Collaborate with SOC analysts to ensure seamless monitoring of OT assets.

Policy & Compliance

Assist in establishing and maintaining plans, protocols, and operational procedures to protect customer OT systems from cyber threats. Review technical change requests for security and compliance risks. Conduct gap assessments and recommend improvements for compliance with industry standards (e.g., NIST CSF, NERC-CIP).

Continuous Improvement

Identify opportunities for process automation and efficiency in OT security monitoring. Stay current with industry trends, threat intelligence, and emerging OT vulnerabilities.

Incident Response & Investigation

Support the SOC in monitoring threat intelligence feeds and indicators of compromise specific to OT. Advise on risk treatment and response actions for OT incidents. Participate in investigations and audits related to OT security events. Train & provide knowledge transfer to SOC analysts on the technology.

Required Education/Credentials/Qualifications:

Education:

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Computer Engineering, or related field.

Experience:

5-7 years of cybersecurity experience, with at least 3-5 years focused on OT security and risk management. Hands-on experience with OT security standards and frameworks (e.g., NIST CSF, NERC-CIP, CIS Controls). Familiarity with C-SCRM frameworks (e.g., NIST SP 800-161 Rev. 1) is an asset. Experience with IT/OT convergence and securing industrial protocols (e.g., Modbus, DNP3, OPC, etc.).

Certifications:

At least one of the following:

2 out of 4 (ISA/IEC 62443 Cybersecurity Certificate ICS300 (CISA/INL: Advanced Cybersecurity for ICS) GICSP (Global Industrial Cyber Security Professional)

Technical Proficiencies:

Strong understanding of IT/OT networking, security protocols (TLS, SSH, HTTPS), and technologies (VLANs, SD-WAN, firewalls, VPNs). Familiarity with the Microsoft Security stack (Microsoft Sentinel, Defender for Endpoint & Defender for IoT). Knowledge of Zero Trust Architecture, SSO, and MFA in OT contexts. Familiarity with Microsoft Entra ID, Domain Controllers, and network management (OSI Layers 1-7).

Soft Skills:

Excellent communication, analytical, and problem-solving skills. Ability to work independently and collaboratively in a fast-paced, agile environment. Strong organizational and project management abilities. Motivated, resourceful, and eager to drive continuous improvement.

Benefits:

Comprehensive Health, Dental, and Vision Insurance Optional Health 100% Employer Paid Health and Dental Plan Vacation Time RRSP Savings Plan with 100% match up to 3% of your salary Annual Discretionary Bonus Anniversary Reward Bonus Educational Assistance Program Additional Mental Health Benefits through our Employee Assistance Program

Equal Opportunity Statement:

Bulletproof is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Bulletproof is also committed to compliance with all fair employment practices regarding citizenship and immigration status.