OT Security Engineer

Role: OT Security Engineer

Location: Prague, Hungary remote, Poland remote

Contract type: full time

At Carrier we make modern life possible by delivering innovative and sustainable ground‑breaking systems and services that matter for people and our planet. We exceed the expectations of our customers by anticipating industry trends, working tirelessly to master and revolutionize them. This is why we come to work every day. And we do it The Carrier Way.

Join us and we can make a difference together.

The OT Security Engineer is responsible for securing the technologies that operate and control the organization’s critical industrial environments, including ICS, SCADA, PLCs, and other operational technology systems. This role ensures that industrial processes remain safe, reliable, and resilient by designing, implementing, and maintaining security controls across OT networks and assets. The OT Security Engineer partners closely with plant operations, engineering teams, and IT security to protect physical processes from cyber threats and support ongoing modernization of OT environments.

We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary.

Among the many benefits, Carrier offers Exciting innovative environment, possibility for further development and international career opportunities, high-profile team, daily use of English and other foreign languages, language courses, Competitive remuneration and other benefits (meal vouchers, contribution to life or pension insurance, holidays etc.), Flexible working hours, possibility for home office, sick days.

• 3–7+ years of experience in cybersecurity, industrial control systems, OT engineering, or related technical fields.
• Hands‑on experience with ICS/OT technologies such as SCADA systems, PLCs, DCS platforms, or industrial automation networks.
• Understanding of OT networking concepts (Modbus, DNP3, OPC, BACnet, Profinet, Ether Net/IP).
• Familiarity with OT security frameworks such as ISA/IEC 62443 or NIST 800‑82.
• Experience with one or more OT security platforms (Nozomi, Dragos, Claroty, etc.).
• Strong troubleshooting skills in operational environments with high availability and safety requirements.
• Experience implementing segmentation, firewalls, and DMZs for OT networks.
• Knowledge of industrial protocols, vendor equipment (Rockwell/Allen‑Bradley, Siemens, Schneider, Emerson), or SCADA platforms.
• Experience with incident response in ICS environments.
• Ability to write or review PLC logic (Ladder Logic, Function Block, Structured Text) is a plus.
• Certifications such as GICSP, GRID, ISA/IEC 62443 Cybersecurity Certificates, CCNA/CCNP, or CISSP.
• Strong communication and cross‑functional skills; ability to work in safety‑critical manufacturing or industrial environments.

• Design, implement, and maintain security controls for OT/ICS environments, including SCADA, PLCs, HMIs, engineering workstations, and plant networks.
• Develop OT security architecture aligned with the Purdue Model, ISA/IEC 62443, and company security standards.
• Support secure network segmentation between IT and OT, including firewalls, DMZs, and remote access solutions.

• Deploy and maintain OT monitoring tools (e.g., Nozomi, Claroty, Dragos) to identify anomalous behavior and potential intrusions.
• Investigate security alerts related to industrial assets and support incident response activities within OT environments.
• Analyze OT network traffic and develop detection logic for ICS‑specific threats.

• Perform risk assessments on OT systems, control networks, and industrial equipment.
• Identify and prioritize vulnerabilities in OT assets, including legacy systems with limited patching options.
• Recommend compensating controls where traditional IT security techniques are not feasible.

• Maintain accurate inventory of OT assets, communication flows, and dependencies.
• Assist in securing PLC logic, firmware, HMI configurations, and industrial device…