Operational Technology Control Assessor

905 NE 11th Ave -ABDPosted Yesterday

Job Description

Everforth ECS is seeking an OT Control Assessor to work in our Portland,OR office. Please Note: This position is contingent upon contract award.

The Operational Technology (OT) Control Assessor supports the execution of security and risk control assessments across industrial control systems, OT networks, cyber-physical systems, and mission or facility environments. This role evaluates the design, implementation, and operating effectiveness of technical, administrative, and operational controls while accounting for safety, reliability, availability, and operational continuity requirements.

The ideal candidate has hands-on cybersecurity, control assessment, or OT/ICS experience; understands how security controls apply in operational environments; and can conduct evidence-based testing while collaborating with engineers, operators, system owners, and cybersecurity stakeholders.

Key Responsibilities

OT Control Assessment & Testing

Perform assessments of security and risk controls across OT systems, industrial control systems, supervisory control and data acquisition environments, distributed control systems, building automation systems, and related support infrastructure.

Evaluate control implementation, design effectiveness, and operating effectiveness using approved assessment methodologies and procedures.

Execute control testing through interviews, documentation reviews, configuration or architecture reviews, evidence analysis, and validation of operational procedures.

Collect, review, and validate assessment evidence while minimizing disruption to production, safety, mission, or facility operations.

OT/ICS Environment Analysis

Review OT architecture, network segmentation, data flows, asset inventories, trust boundaries, remote access paths, vendor access, logging coverage, and interfaces between enterprise IT and OT environments.

Assess operational practices related to change control, patching, vulnerability management, backup and recovery, incident response, account management, physical access, and configuration management in OT environments.

Identify control gaps, compensating controls, operational constraints, and risk tradeoffs that affect OT security, resilience, and mission continuity.

Framework & Standards Alignment

Assess OT controls against applicable frameworks, standards, and organizational baselines such as NIST, NIST SP 800-82, IEC 62443, NERC CIP, CIS Controls, ISO 27001/27002, and program-specific requirements.

Map OT control implementation and supporting evidence to applicable assessment objectives, regulatory requirements, contractual requirements, and risk management expectations.

Distinguish between enterprise IT control expectations and OT-specific constraints, compensating controls, safety requirements, and availability requirements.

Analysis & Documentation

Document assessment activities, evidence reviewed, testing approach, assumptions, limitations, and results clearly and accurately.

Develop or contribute to OT-focused findings, risk statements, evidence summaries, and remediation recommendations.

Support corrective action planning by recommending practical, risk-informed improvements that account for operational feasibility and system lifecycle constraints.

Maintain assessment workpapers and artifacts in accordance with program quality, audit-readiness, and evidence-handling expectations.

Stakeholder Collaboration

Work with OT engineers, control system operators, system owners, cybersecurity teams, facility personnel, vendors, and business stakeholders to understand control implementation and operational context.

Clarify assessment requirements, evidence needs, site coordination requirements, and testing expectations with technical and operational personnel.

Support presentations, status updates, and briefings of OT assessment results as requested by assessment leads or program leadership.

Risk, Safety & Compliance Support

Apply approved methodologies consistently to ensure assessment results are accurate, repeatable, defensible, and sensitive to safety and operational priorities.

Escalate significant control gaps, evidence limitations, safety concerns, availability impacts, or cyber-physical risk issues to assessment leadership.

Support audit readiness, compliance reporting, risk register updates, remediation tracking, and follow-up assessment activities for OT environments.

Continuous Improvement

Assist with improving OT assessment methodologies, checklists, templates, tools, evidence requests, and reporting processes.

Participate in lessons-learned activities, reassessments, and process improvement initiatives.

Stay current with evolving OT cybersecurity threats, control frameworks, regulatory requirements, assessment practices, and industry best practices.

See Your Match Score

About ECS

Website

More jobs at ECS

Enterprise Operations Manager - SME

2700 Prosperity Ave-MB

Infrastructure Management-VDI Administrator - Senior

2700 Prosperity Ave-MB

Change Management Specialist - Senior

2700 Prosperity Ave-MB

NOC Manager (SME)

2700 Prosperity Ave-MB

SOC Chief

905 NE 11th Ave -ABD

Junior Software Developer, Applications

5 Eagle Center-KC

Similar roles

Associate Director, Discovery Research Operational Excellence

AbbVie · North Chicago, IL

Operational Excellence Manager

PPG · Uusimaa, Finland

Operational Business Analyst

Cartrack · Kecamatan Setiabudi, Indonesia

Operational Support Associate

SIXT · Kansas City, , United States

Operational Excellence Advisor

Alberta Health Services · Edmonton, AB

Operational & Data Analytics Coordinator (Hybrid - Mississauga - Permanent)

TEKsystems · Toronto, ON