OT​/ICS Cybersecurity Engineer maritime or industrial network experience

Position: OT/ICS Cybersecurity Engineer with maritime or industrial network experience
Location: Panjim

OT/ICS Cybersecurity Engineer — Maritime (Consulting Engagement)
Remote | ⏱ Full Time / Part-time |  Immediate start

You will be architecting the cybersecurity engine inside a live maritime AI platform deployed on vessels globally.  This is not a policy or compliance role. It is hands-on OT security engineering in one of the world's most technically demanding environments — vessel networks at sea.

About eDOT Solutions
eDOT Solutions is a maritime technology and AI company headquartered in Goa, India, with offices in Texas and Philadelphia. Founded in 2004 by Capt. Ruchin

C. Dayal (Master Mariner, President — IIMS UK), eDOT has built six AI-powered maritime platforms serving ship management companies, maritime training institutes, and flag states globally.
Our cybersecurity platform, IntellisNET, is a next-generation OT/IT risk assessment and monitoring system built to satisfy IMO Resolution MSC.
428(98) obligations under the ISM Code. The platform is live at  and is in active sprint development, moving from prototype to production-grade deployment.

What this engagement covers
eDOT has produced a complete Risk Methodology (v3) and Network Intelligence Technical Brief — both standards-referenced, formula-verified documents covering the full scoring architecture.

Your role is to convert this into working, production-ready implementation.
You will be responsible for:
Reviewing and validating the FRS (Finding Risk Score) scoring engine — a four-pillar formula incorporating ACI (Asset Criticality Index), VS (Vulnerability Score based on CVSS v3.1), ES (Exposure Score), and PMF (Procedural Mitigation Factor), with differentiated OT/IT CIA weightings per NIST SP 800-82
Specifying and overseeing implementation of the NVD CVE pipeline — API integration, CPE string mapping, CVSS score ingestion, and asset-level vulnerability assignment
Designing the passive NMEA/OT listener architecture — a three-tier traffic classification system for detecting IDMZ breaches without active scanning on vessel OT networks
Defining scanner placement strategy for segmented vessel networks — IT segment active scanning via Windows agent, OT segment passive monitoring only, VLAN/monitoring port architecture for multi-segment vessels
Specifying the OUI-based MAC manufacturer identification layer and OEM whitelist methodology
Reviewing asset-normalised vessel scoring logic to ensure fleet comparability across vessels with different asset counts
Acting as technical authority for the development team during Sprints 5 and 6
Producing a final architecture handover document for eDOT's permanent cybersecurity team

The technical environment
Vessels operate with IT/OT network segmentation enforced by an IDMZ (Industrial Demilitarized Zone). OT assets — ECDIS, AIS, propulsion control, engine management — sit behind this segmentation and must never be actively scanned. IT assets are scannable via the Windows agent. The passive listener sits at the IDMZ boundary and monitors traffic signatures only.

Terms and standards you should already be familiar with:
IDMZ, OT/IT network segmentation, SPAN port / port mirroring, passive listener
CVE, CVSS v3.1, CPE string, NVD API
OUI (MAC manufacturer prefix) identification and device fingerprinting
IEC 62443-3-3 security levels and zone/conduit model
NIST SP 800-82 — particularly OT CIA weighting rationale
BIMCO Cybersecurity Guidelines v4
IMO MSC.
428(98) and MSC-FAL.
1/Circ.
3
Zeek, Suricata, Nmap, or equivalent passive/active network analysis tools

What we are looking for
Essential:
Demonstrated experience in OT/ICS security — vessel, offshore, or industrial environments all qualify
Hands-on experience with passive network monitoring tools and traffic analysis in OT environments
Working knowledge of CVE/CVSS scoring pipelines and NVD API integration
Ability to produce developer-ready specifications — pseudocode, data flow diagrams, API contracts — that a developer can implement without further interpretation
Experience working with development teams in an architect or technical authority role
Familiarity with IEC 62443 and NIST SP 800-82 at working level, not just awareness level
Advantageous:
Prior maritime industry experience —…