ICS Cyber Security Engineer

CRH is a leading global diversified building materials group, employing over 75,800 people at more than 3,160 locations in 29 countries. CRH is the leading building materials company in North America and the world. We manufacture and distribute a diverse range of superior building materials, products, and solutions, which are used extensively in construction projects of all sizes.

The Cyber Security Engineer plays a critical role in bridging the gap between corporate IT security and plant floor automation across our global building materials manufacturing facilities (Cement, Readymix, and Asphalt). This role is responsible for designing, deploying, and maintaining cybersecurity controls to ensure maximum operational availability, physical safety, and data integrity. The engineer will safeguard critical continuous-flow and batch-processing environments—such as high-temperature kilns, milling operations, and automated batching systems—against emerging industrial cyber threats.

This role is based at our corporate office in the Perimeter area of Atlanta, GA – hybrid work schedule

• Heavy Industrial Project Delivery:
  Provide technical consultation and hands‑on engineering support to divisional automation teams for OT cybersecurity deployments, line expansions, and plant modernization projects.
• Industrial Control Management:
  Operate and manage enterprise‑grade industrial security solutions, including network segmentation (Purdue Model), secure remote access for third‑party OEMs, endpoint protection, backup/recovery, and firmware/patch management.
• Vulnerability Mitigation:
  Identify, assess, and safely mitigate cybersecurity vulnerabilities in legacy PLCs, HMIs, and SCADA networks without disrupting critical manufacturing uptime or causing environmental control issues.
• Logistics & Supply Chain Security:
  Secure the integration points between OT plant networks, proprietary batching/mixing software, weighbridges, and bulk logistics/distribution interfaces.
• Monitoring & Incident Response:
  Maintain OT visibility platforms, construct relevant search queries within SIEM/log management tools, and participate in incident response planning tailored to physical process disruption and disaster recovery.
• Culture &
  
  Collaboration:
  
  Build strong relationships with site‑level electrical, instrumentation, and automation engineers, fostering a culture of cybersecurity awareness across highly distributed plant environments.

• 5+ years of experience in IT/OT operations, system administration, or industrial cybersecurity engineering, preferably within heavy industry, process manufacturing, or mining/aggregates.
• Exceptional interpersonal and technical documentation skills, with the ability to translate complex security risks into concrete operational impact for plant floor personnel.
• Self‑motivated, methodical, and process‑driven with a proven track record of delivering complex infrastructure projects within tight operational shutdown/turnaround windows.
• Deep understanding of OT networks, architectures (Purdue Model), and typical cyber threats facing heavy industrial Cyber‑Physical Systems (CPS).
• Hands‑on experience with Windows Server/Workstations, industrial networking, virtualization hosting environments, and robust backup/disaster recovery solutions for plant networks.
• Proven experience with Cyber‑Physical Systems (CPS) visibility platforms (e.g., Claroty, Armis) and security tooling (Endpoint Protection, Network Security).
• Strong grasp of industrial incident response, change management, and exposure to log management/SIEM tools (e.g., Splunk) for threat detection.
• Direct familiarity with global industrial and IT security standards, with a strong emphasis on ISA/IEC 62443, supported by NIST CSF 2.0 and ISO 27001.
• Bachelor’s degree (or equivalent experience) in Automation Engineering, Electrical Engineering, Information Technology, Computer Science, or Industrial Cybersecurity.
• Preferred certifications include SANS/GIAC (GICSP, GRID, GCIP), ISA/IEC 62443 Expert, CISSP, or relevant network infrastructure credentials (e.g., CCNA).

• Highly competitive base pay
• Compre…