DD-WRL-009
Operational Technology (OT) Cybersecurity Engineering
OPM Code: TBD

Conducts research, conceptualizes, designs, develops, and tests secure technology systems, including on perimeter and cloud-based networks.

Responsible for working within the engineering department to design and create systems, processes, and procedures that maintain the safety, reliability, controllability and security of industrial systems in the face of intentional and incidental cyber events. Interfaces with Chief Information Security Officer, plant managers and industrial cybersecurity technicians.

Code Description Work Roles
T0067 Develop architectures or system components consistent with technical specifications 1
T1069 Evaluate organizational cybersecurity policy regulatory compliance 3
T1070 Evaluate organizational cybersecurity policy alignment with organizational directives 3
T1124 Restore essential system capabilities and business functions after catastrophic failure events 4
T1163 Develop cybersecurity countermeasures for systems and applications 2
T1164 Develop risk mitigation strategies for systems and applications 2
T1185 Maintain stakeholder communication channels 3
T1187 Establish internal and external cross-team relationships 2
T1243 Oversee configuration management 2
T1244 Develop configuration management recommendations 2
T1338 Develop cybersecurity capability strategies for custom hardware and software development 2
T1345 Recommend improvements to procurement activities to address cybersecurity requirements 6
T1527 Define baseline system security requirements 5
T1619 Perform risk and vulnerability assessments 2
T2028 Develop OT inventory model for cybersecurity 1
T2029 Serve as OT engineering subject matter expert during development of change management policies and procedures 1
T2030 Determine if implementation of security measures and controls meets regulatory standards and is in compliance with legal or policy requirements 1
T2031 Identify gaps in OT network architecture 1
T2032 Assign security level targets to network zones for control systems 1
T2033 Create a change management plan 1
T2034 Design cybersecurity tools for OT systems 1
T2035 Perform a process hazard analysis (PHA) 1
T2036 Review policies, standards, and regulations for conflicts that may create control system vulnerabilities 1
T2037 Create cybersecurity inspection and test policies and procedures for OT systems 1
T2038 Develop system procurement specifications 1
T2039 Determine the impact of cybersecurity requirements on costs and budgeting 1
T2040 Conduct cybersecurity reviews of OT system engineering plans and documentation 1
T2041 Participate in safety system design processes to counteract potential cybersecurity sabotage 1
T2042 Generate cyberattack scenarios of serious physical consequence 1
T2043 Oversee implementation of system controls 1
T2044 Develop system upgrade specifications 1
T2045 Assign networked engineering assets to security zones 1
T2046 Communicate implication of new and upgraded technologies to cybersecurity program stakeholders 1
T2047 Inventory OT assets 1
T2048 Recommend cybersecurity requirements for integration in continuity planning 1
T2049 Serve as OT engineering subject matter expert for cybersecurity standards, policies, and procedures development 1
T2050 Serve as OT engineering subject matter expert for development of organizational cybersecurity risk management plan 1
T2051 Train cybersecurity defense technicians on OT system processes and procedures 1

Code Description Work Roles
K0663 Knowledge of industry standards and best practices 1
K0675 Knowledge of risk management processes 41
K0676 Knowledge of cybersecurity laws and regulations 41
K0677 Knowledge of cybersecurity policies and procedures 41
K0678 Knowledge of privacy laws and regulations 41
K0679 Knowledge of privacy policies and procedures 41
K0680 Knowledge of cybersecurity principles and practices 40
K0681 Knowledge of privacy principles and practices 40
K0721 Knowledge of risk management principles and practices 19
K0728 Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices 20
K0729 Knowledge of non-repudiation principles and practices 20
K0730 Knowledge of cyber safety principles and practices 20
K0734 Knowledge of Risk Management Framework (RMF) requirements 14
K0735 Knowledge of risk management models and frameworks 13
K0822 Knowledge of risk tolerance principles and practices 2
K0835 Knowledge of risk assessment principles and practices 8
K1076 Knowledge of risk scoring principles and practices 3
K1122 Knowledge of configuration management principles and practices 2
K1180 Knowledge of organizational cybersecurity goals and objectives 11
K1182 Knowledge of organizational cybersecurity policies and configurations 3
K1285 Knowledge of assessment remediation requirements 1
K1286 Knowledge of Business Impact Analysis (BIA) 1
K1287 Knowledge of change management processes 1
K1288 Knowledge of OT cybersecurity compliance requirements and best practices 1
K1289 Knowledge of control system environment risks, threats, and vulnerabilities 1
K1290 Knowledge of the Active Cyber Defense Cycle (ACDC) 1
K1291 Knowledge of active defense principles and practices 1
K1292 Knowledge of OT cybersecurity risk tolerance levels 1
K1293 Knowledge of Purdue Model levels 1
K1294 Knowledge of change management policies and procedures 1
K1295 Knowledge of OT cybersecurity inspection and testing policies and procedures 1
K1296 Knowledge of control system policies and procedures 1
K1297 Knowledge of OT safety systems 1
K1298 Knowledge of anomaly detection tools and techniques 1
K1299 Knowledge of change management processes 1
K1300 Knowledge of control system network architectures 1
K1301 Knowledge of cyber incidents impacting OT 1
K1302 Knowledge of industry hazards 1
K1303 Knowledge of life cycle management principles and practices 1
K1304 Knowledge of operational priorities 1
K1305 Knowledge of OT asset management tools and techniques 1
K1306 Knowledge of OT assets 1
K1307 Knowledge of OT inventory principles and practices 1
K1308 Knowledge of OT network detection tools and techniques 1
K1309 Knowledge of OT protocols 1
K1310 Knowledge of process hazard analysis (PHA) assessments 1
K1311 Knowledge of system assets and boundaries 1

Code Description Work Roles
S0141 Skill in assessing security systems designs 5
S0385 Skill in communicating complex concepts 9
S0386 Skill in communicating verbally 4
S0387 Skill in communicating in writing 4
S0391 Skill in creating technical documentation 7
S0430 Skill in collaborating with others 9
S0459 Skill in creating security assessment reports 1
S0461 Skill in integrating security requirements and contracts 1
S0531 Skill in assessing security hardware and software 1
S0673 Skill in translating operational requirements into security controls 8
S0686 Skill in performing risk assessments 12
S0806 Skill in performing incident responses 3
S0939 Skill in performing event analysis 1
S0940 Skill in performing risk-based gap analysis 1
S0941 Skill in identifying gaps in control system network and connectivity architecture 1
S0942 Skill in performing system recovery for control system environments 1
S0943 Skill in connecting to OT assets 1
S0944 Skill in designing and specifying OT systems 1
S0945 Skill in evaluating OT vendor products 1
S0946 Skill in interpreting OT network drawings 1
S0947 Skill in interpreting risk assessments 1
S0948 Skill in performing zone conduit requirement analysis 1
S0949 Skill in recognizing and acknowledging unique contributions from varying skillsets 1
S0950 Skill in reviewing access control lists and firewall rules 1
S0951 Skill in securing control system communication protocols and media 1