About the role

As an OT Security Engineer (m/f/d), you will be the hands-on cybersecurity expert securing our operational technology environment and SCADA systems across Battery Energy Storage Systems (BESS), wind farms, and solar parks which are Critical Infrastructure (KRITIS), ideally from our office in Munich.

This role combines SCADA system engineering, OT cybersecurity, and compliance expertise — ensuring our assets remain cyber-resilient, KRITIS/NIS2 compliant, and capable of real-time, secure data exchange.

You will design, implement, and continuously improve secure-by-design architectures, ensure compliance with KRITIS/NIS2, ISO 27001/27019, and relevant energy market regulations and protect real-time data flows between assets, control centers, energy trading platforms, and digital services.

This is a key technical position blending network security engineering, OT protocol expertise, and cybersecurity operations to protect our critical infrastructure and enable real-time, secure asset connectivity, that enables energy trading and delivery of grid services.

What You Will Do

• Design and maintain secure OT network architectures (segmentation, firewalls, VPNs, jump hosts)

• Design and maintain secure data exchange between SCADA systems, trading platforms, and grid operator interfaces (e.g., TSO/DSO gateways) for ancillary services participation

• Embed Zero Trust and security-by-design principles in SCADA/OT connectivity solutions

• Review and approve configurations for routers, gateways, and industrial firewalls

• Contribute to standardized OT security templates, network diagrams, and documentation

• Implement and manage security controls for OT systems: access control, patching, hardening

• Monitor OT network traffic, respond to anomalies, support SOC investigations

• Perform vulnerability assessments and coordinate remediation with vendors & operators

• Participate in incident response for OT-related security events

• Monitor and protect market-relevant control signals (dispatch commands, trading data) from tampering or delays that could impact energy trading operations

• Ensure SCADA and OT environments are compliant with KRITIS, BDEW Whitepaper, BSI IT-Sicherheitskatalog, NIS2, IEC 62443, ISO 27019, supporting secure grid connectivity and energy trading operations in line with ENTSO-E and TSO standards

• Ensure compliance with grid codes and cybersecurity requirements for ancillary services

• Maintain evidence for ISMS audits, assist during internal/external security audits

• Perform regular OT security risk assessments and contribute to risk treatment plans

• Work closely with SCADA team, Control Center, and Network & Communications team to secure connectivity

• Support project teams during new asset commissioning, ensuring secure device onboarding

• Mentor junior engineers and technicians on secure OT practices

• Act as a bridge between OT operations, IT security, and vendors

What you’ll need to succeed

• Bachelor’s or Master’s degree in Electrical Engineering, Industrial Automation, Computer Science, or Cybersecurity

• Experience: 3–6 years’ hands-on experience in OT/ICS environments (energy, utilities, manufacturing, or other critical infrastructure sectors)

• Proven experience with SCADA/DCS platforms and components such as PLCs, RTUs, HMIs, data loggers, and historian servers

• Solid understanding of OT protocols (IEC 60870-5-104, IEC 61850, OPC-UA, Modbus/TCP, DNP3)

• Experience working with energy trading interfaces or grid operator communication protocols (e.g., IEC 60870-5-104)

• Understanding of ancillary services (FCR, aFRR, mFRR) and their real-time SCADA/market communication requirements

• Demonstrated expertise in OT network design, segmentation, DMZ setups, VLANs, and firewall configuration (Fortinet, Palo Alto)

• Hands-on experience with Industrial Network Devices (routers, firewalls, switches, VPNs), jump servers, MFA, and secure remote access for SCADA/OT environments

• Knowledge of network monitoring, anomaly detection, IDS/IPS tools, SIEM log collection, and SOC processes

• Experience managing SCADA/OT servers and virtualized environments (e.g., Proxmox, VMware, Hyper-V) including configuration, resource management, and backup

• Familiarity with compliance frameworks and standards: KRITIS, NIS2, BDEW Whitepaper, BSI IT Security Catalog, ISO 27001/27019, IEC 62443, and ability to produce ISMS audit evidence

• Strong communication and documentation skills; fluent in English (German proficiency preferred)

• Hands-on team player who can mentor, document, and standardize solutions while staying pragmatic

• Strong analytical and troubleshooting skills

• Structured, proactive, and solution-oriented way of working

What’s in it for you?

• Being part of a highly motivated ever-growing and multicultural team that drives forward the energy revolution

• Innovative and fast-changing market and working environment

• Mobile working

• Flexible working hours

• Modern office atmosphere

• Company restaurant / Barista bar

• Discounted Conditions Fitness

• Discounted Online Shopping

Benefits can vary depending on the location and are not legally binding.