Security Specialist Principal; Operational Technology

Position: Security Specialist Principal (Operational Technology)
** Job Posting End Date
** 02-17-2026

Please note the job posting will close on the day before the posting end date.
** Job Summary
** At AEP, we’re more than just an energy company!
We’re a team of dedicated professionals committed to delivering safe, reliable, and innovative energy solutions. Guided by our mission to put the customer first, we strive to exceed expectations by listening, responding, and continuously improving the way we serve our communities. If you're passionate about making a meaningful impact and being part of a forward-thinking organization, this is the company for you!
** Job Description
** Responsible for enterprise-wide cybersecurity initiatives focused on protecting industrial control systems and operational technology. Provide direction to team members and lead efforts in the review, evaluation, and recommendation of emerging security technologies relevant to critical infrastructure. Lead and participate in security incidents and projects, directing assignments that enhance the security posture of the organization. Demonstrate advanced problem-solving and decision-making skills, along with deep knowledge of the cybersecurity landscape, particularly in industrial environments.

Frequently involved in the implementation, support, and utilization of technical solutions tailored to safeguard operational technology. Mentor team members and provide functional and technical guidance to ensure effective security practices are upheld.
** Applicants must be eligible to obtain a US security clearance
**** What You'll Do:
*** Lead the Cyber Intelligence & Response Center (CIRC) in the prevention, identification, and response of cyber threats across IT, OT, and cloud environments.
* Analyze logs, network traffic, endpoint telemetry and various other data sources to support investigations.
* Execute containment, eradication, and recovery steps in coordination with stakeholders while balancing the safety and operational continuity in industrial systems.
* Investigate incidents and produce concise response plans and after action reports covering containment, eradication, recovery, evidence preservation, remediation, and root cause analysis.
* Contribute to tabletop exercises, simulations and readiness activities focused on cyber events affecting operations.
* Participate in the development and refinement of playbooks, runbooks, and response procedures.
* Analyze cyber threat intelligence products to assess impacts on critical infrastructure.
* Coordinate incident response efforts with U.S. government agencies and industry peers.
* Collaborate on cyber threat and security best practices with government and industry partners.
* Maintain expertise in OT protocols, ICS, and SCADA systems for comprehensive threat detection.
* Familiar with SIEM platforms and network analysis tools used in OT environments.
* Conduct forensic analysis of host and network events to support investigations.
* Prepare and deliver engaging cyber threat briefings to diverse audiences.
* Reverse engineer malware to understand threats targeting industrial control systems.
* Communicate security challenges effectively to senior leadership.
* Promote diversity and ensure team members receive training for skill development.
* Create presentations on cybersecurity topics and simplify complex concepts.
* Formulate solutions for advanced security challenges and identify process improvements.
* Motivate the team to learn about security trends and foster professional growth.
** Nice to Have:*
* ** Demonstrable experience in one or more of the following disciplines:
*** Incident Response Analyst
* CIRC/SOC Lead
* Threat Intelligence or Counterintelligence Analyst
* Cyber Threat Hunting Analyst
* Malware Reverse Engineer
* Operational Technology Specialist, particularly in securing industrial control systems and related environments.
*
* Certifications:

*** CSFA, GCCC, GCDA, GCED, GCFA, GCFE, GCIA, GCIH, GCIP, GCTI, GDAT, GICSP, GMON, GOSI, GREM, GRID, GSOM, GXPN
* OSCP, OSEE
* CERT Incident Response Process Professional
* CREST Certified Host Intrusion Analyst
* CREST Certified Incident Manager
* CREST Certified Malware Reverse Engineer
* CREST Certified…