OT Cybersecurity R&D Lead Engineer

Since January of 2014, New Context Services, Inc. has been engaged with North American utilities and National Labs in the area of advanced cybersecurity research for industrial control systems (ICS). The areas of research have included: OT automated cyber threat detection and response, machine-readable threat indicators, firmware analysis and predictive threat modeling using GIS data.

New Context is a rapidly growing consulting company in the heart of downtown San Francisco. We specialize in Lean Security: an approach that leads organizations to build better, safer software through hands-on technical and management consulting. We are a group of engineers who live and breathe Agile Infrastructure, Systems Automation, Cloud Orchestration, and Information & Application Security. 

This position is part of New Context’s security and services research team. When COVID-19 travel restrictions are removed, the position may be expected to travel 10% to 20% of the time.


As an OT Cybersecurity R&D Lead Engineer, you will provide hands-on technical and software development consulting to our energy sector clients. You will work with clients in operational technology to develop capabilities that support cybersecurity threat information, automated response to cyber events, maturation of standards such as STIX and OpenC2, machine learning, and other upcoming research projects. The most successful persons will need hands-on experience with software development and operational technology (OT) systems in the areas of cybersecurity.

Many of our utility and energy sector contracts are funded by research grants which last 1 to 3 years. You will need to be comfortable with projects where much of the roadmap to success must be determined throughout the course of the contract. At the same time, you will need to draw on your industry experience to merge research deliverables in a manner that is congruent with how utility and energy sector organizations function. At the end of the day, you are responsible for delivering on the customer requirements.

Upcoming research projects may require experience in:

  • Software development of applications to integrate with microkernels which will perform automated responses to cybersecurity events.

  • Requirements and design review of technical specifications for ICS for electrical power grids.

  • Design of microkernel capabilities to support automated detection and response capabilities.

  • Review, test, and validate cybersecurity structured threat information in the STIXTM standard.

  • Review, test, and validate machine learning results in the cybersecurity domain.


  • Conduct research with customers and industry partners in the areas of: cybersecurity, threat intelligence, infrastructure automation, compliance, or regulatory requirements.

  • Participate in the development and maintenance of custom code used to develop tools (software or hardware).

  • Act as a consultant to customers and industry partners to meet the goals of the contract or research grant.

  • Participate in developing new or analyzing existing processes for customers and industry partners.

  • Creation and maintenance of systems infrastructure such as servers, applications, or networks to support project needs.

  • Make security architecture recommendations to customers that will improve security programs and posture.

  • Document work performed such as: technical documentation, updates to project management reports, lessons learned, white papers, and presentations.

  • Support management in the development of project proposals and plans.

  • Willingness to network with industry colleagues and bring new project ideas to the team.

Highly Desired

  • Competent with a programming language such as Python, Ruby, Go, C.

  • 2+ years working for a utility in a capacity with hands-on experience in one or more of the following areas: cybersecurity threat analytics, operational technology, cybersecurity operations, sharing of threat intelligence, security incident handling and response.

  • Experience and knowledge of Structured Threat Information Expression (STIXTM) and Trusted Automated eXchange of Indicator Information (TAXIITM).

  • Experience with using MITRE ATT&CK.

  • Experience with IT and OT security, regulatory and compliance frameworks that may include: NERC CIP, ISO/IEC 27001, SOC2, NIST 800-53, NIST 800-171

  • Formal IT Security/Network Certifications such as: CompTIA, SANS GIAC, ISC²

  • Familiar with: TCP/IP, firewalls, IPS/IDS systems, social engineering, intrusion detection, code auditing, forensic analysis.

  • An excellent communicator, experienced working with external clients and customers, and able to communicate productively with customers to explain technical aspects and project status.

  • Bachelor's degree in Computer Science or related field, or equivalent work experience: 4 years of relevant work experience within cybersecurity.

Required Qualifications

  • Must be a US Citizen 

We are committed to equal-employment principles, and we recognize the value of committed employees who feel they are being treated in an equitable and professional manner. We are passionate about finding ways to attract, develop and retain the talent and unique viewpoints needed to meet business objectives, and to recruit and employ highly qualified individuals representing the diverse communities in which we live, because we believe that this diversity results in conversations which stimulate new and innovative ideas.

Employment policies and decisions on employment and promotion are based on merit, qualifications, performance, and business needs. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Apply Now

Back to jobs