Field Device Technician

R 500000 - R 540000 Annually Basic Salary (Market related, Negotiable)

Our client based in Isando, Johannesburg is seeking a Field Device Technician to join their team. The Field Device Technician is responsible for the secure operation and lifecycle management of all OT (Operational Technology) devices, with a strong focus on cybersecurity risk mitigation, threat intelligence integration, and compliance with industry standards.

The role includes managing OT cyber hygiene, vulnerability patching, secure protocol configuration, and staying informed on current threat advisories and mitigations as issued by CISA (Cybersecurity and Infrastructure Security Agency). Technologies involved include Schneider EBO, PME, internally developed tools, and security platforms like Microsoft Defender for IoT, Claroty, and Dragos.

• Manage the lifecycle of OT field devices (e.g. HVAC, power meters, fire detection, telemetry equipment), planning for and managing end-of-life replacement projects.
• Manage the security of OT field devices, ensuring devices are hardened and securely configured.
• Monitor and action alerts from OT cybersecurity platforms and maintain integrations with external threat feeds including CISA vulnerability and advisory notifications.
• Subscribe to and track CISA ICS Advisories, Known Exploited Vulnerabilities (KEV) Catalog, and Alerts (AA).
• Translate relevant CISA guidance into action plans for patching, network segmentation, or threat mitigation.
• Collaborate with security teams to assess organizational exposure to newly published threats.
• Maintain an accurate, regularly updated OT asset database with vulnerability metadata and firmware status mapped to threat advisories.
• Ensure secure communication protocols (BACnet/IP Secure, Modbus/TCP with authentication, MQTT with TLS, secure NTP) are correctly implemented and monitored.
• Validate firmware updates and patches against current CISA and OEM advisories before deployment; develop rollback plans as needed.
• Align OT operations with global cybersecurity standards (IEC 62443, ISO27001, NIST CSF) and maintain robust change control and documentation.
• Create, maintain, and share incident response documentation for OT-specific vulnerabilities, referencing external advisories like CISA's.

• At least 3 years of experience in OT device management, including firmware updates, patching vulnerabilities, and managing communication protocols such as BACnet, Modbus, MQTT, and NTP.
• Strong understanding of security best practices for OT devices, including ISO27001.
• Experience with threat detection and management tools such as Microsoft Defender for IoT, Claroty, and Dragos.
• Knowledge of industry-recognized training in OT device management.
• Ability to work collaboratively with cross-functional teams, including BMS engineers, IT security teams, and vendors.
• Excellent communication and problem-solving skills.
• Strong project management skills and the ability to manage multiple projects simultaneously.
• Experience in configuring devices on Schneider EBO and PME, as well as on internally developed software and web applications.
• Knowledge of encryption standards such as TLS/SSL.
• Implement corrective actions promptly to mitigate the negative effects of system changes.
• Packet inspection, CVE analysis, asset management.
• Understanding of CISA alert classifications, vulnerability severity scoring (e.g., CVSS), and mitigation practices.
• Ability to coordinate with internal cybersecurity teams and external vendors to assess and implement technical controls.

• Matric / Grade 12 (essential)
• 3-year IT-related degree (preferred)
• Cybersecurity / Networking certification(s) preferred: CompTIA Security+, GICSP, CCNA/CCNP Security
• Certified OT Security Practitioner (ISA/IEC 62443)
• Threat intelligence or ICS-CERT awareness training
• Familiarity with CISA’s cybersecurity advisories, threat bulletins, and mitigation techniques.
• Strong understanding of secure networking principles and OT network zoning.

• Employees must demonstrate commitment to the Integrated Management System requirements and health and safety policies.
• Adhere to Occupational Health and Safety Act 85 of 1993, and ISO standards including ISO 27001, ISO 9001, ISO 14001, ISO 50001 and ISO 45001.
• Maintain confidentiality, integrity and accessibility of information for the company and clients.
• Commit to the implementation and maintenance of the Quality, Health, Safety and Environmental systems and relevant statutory compliance, including POPIA.

PLEASE NOTE THAT ONLY SHORTLISTED CANDIDATES WILL BE CONTACTED.