Cybersecurity Engineering – Operational Technology Security Engineer - SkillBridge Intern

At Trane TechnologiesTM  and through our businesses including Trane® and Thermo King®, we create innovative climate solutions for buildings, homes, and transportation that challenge what’s possible for a sustainable world. We're a team that dares to look at the world's challenges and see impactful possibilities. We believe in a better future when we uplift others and enable our people to thrive at work and at home. We boldly go.

Job Summary：

The Cybersecurity Engineering Intern –Operational Technology Security Engineer will enable and engineer the operational execution of cybersecurity governance, security controls and capability implementations focused on Operational Technology including the security of the Network, Endpoint, and operational configurations. This position will directly contribute to the enterprise cybersecurity of Trane’s Operational Technology environment.  

The Cybersecurity Engineer intern –Operational Technology (OT) Security will serve as a point of contact for Operational Technology security within the organization for all matters related to OT security including security governance over Operational Technology, OT Network security and OT Endpoint security, OT security operations and security configurations.  

Responsibilities: 

• Develop an operational understanding of a company’s technology and information systems supporting Operational Technology (OT) environments
• Applies a risk-based approach to appropriately engineer and implement business enabling security solutions
• Design, implement, make changes to, and maintain security for OT systems and networks across the enterprise
• Support the monitoring and analysis of OT network traffic for security threats and incidents.
• Perform security assessments and support vulnerability analysis of OT systems and networks.
• Engineer and implement security capabilities to mitigate threats as they emerge
• Collaborate with OT and IT teams to ensure seamless integration of security solutions.
• Educate OT and IT personnel on security best practices and ongoing security awareness, Communicate vital information, security needs and priorities to leadership
• Represents Cybersecurity/Digital Risk within the Information Technology and manufacturing groups including infrastructure teams and the broader enterprise architecture organization.
• Stay up to date with the latest security threats, trends, and technologies in the OT domain.
• As required support the response to and resolution of security incidents, performing root cause analysis and taking corrective actions.

Qualifications:

• College degree or equivalent experience, 5 to 10 combined years related work experience. 
• 4 years in multiple IT disciplines with at least 2 years in cybersecurity.
• Understanding of OT systems, architectures, and protocols, including networks Process Logic Controllers (PLCs), Remote Terminal Units (RTUs), Distributed Control Systems (DCS), and Manufacturing Execution Systems (MES) in a manufacturing environment.
• Ability to quickly understand and digest business requirements, architecture diagrams and technical product documentation to develop engineering solutions.
• Working knowledge in multiple IT domains (mobile, endpoint, server, network, identity, cloud, etc…)
• Working knowledge of common authentication mechanisms (OAuth, OpenID, SAML, etc).
• Experience writing accurate technical documentation such as procedures, guides and knowledge articles to translate unstructured work to structured knowledge
• Expertise in security technologies, such as firewalls, intrusion detection and prevention systems, encryption, and access controls.
• Experience with security frameworks, such as NIST CSF, IEC 62443, and ISO 27001.
• Ability to troubleshoot complex security issues and identify solutions.
• Strong communication and interpersonal skills.
• CISSP (ISSAP, ISSEP), CISM, CISA a plus
• A background in systems or network administration/engineering/architecture a plus.

Key Competencies:

• Strong communication and interpersonal skills to explain technical subjects in plain language for business executives
• Familiarity with the operations of common information technology and security tools
• Understanding of OT systems, architectures, and protocols, including networks, Process Logic Controllers (PLCs), Remote Terminal Units (RTUs), Distributed Control Systems (DCS), and Manufacturing Execution Systems (MES) in a manufacturing environment.
• Familiarity with common regulatory and industry security requirements and frameworks
• Results-oriented engineer, with demonstrated problem-solving and decision-making skills.
• Actively engaged in the security industry to maintain relevant knowledge of best practices, tactics, strategies, and technologies.

We offer competitive compensation and comprehensive benefits and programs. We are an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.