Graham Packaging

OT Cybersecurity Analyst

ID
2026-14455
Category
Information Technology
Type
Full-Time
Location : Physical Work Location Display Name
Non Facility Specific

Company Statement

Graham Packaging is a people, planet and values-based company and a leader in sustainable packaging manufacturing. From the kitchen to the laundry room, Graham Packaging is part of your everyday life.

For employees at Graham, our Blue Culture is part of their everyday lives, too. In other words, Blue is how we do things here.

At Graham, we are united by a clear vision. We know our part and help those around us know theirs, encouraging one another to continuously improve. We create a safe, challenging environment to innovate by supporting creative ideas and new ways of thinking. We take the initiative to cultivate our individual growth and help others do the same, while keeping ourselves and one another accountable. And we actively promote cooperation, collaboration, integrity and respect across regions and teams to foster an engaged, diverse and connected workforce.

We value our employees, and a Blue Culture allows for the most rewarding employee experience as part of the Graham family. Blue is how we feel about what we do—together—to create a better tomorrow. Working at Graham means you lead constructively with clear goals, use diverse thinking to drive excellence, accountability, innovation, as well as demonstrating collaboration, embracing learning, and taking action for continuous improvement and growth.

Overview

The OT Cyber Security Analyst is a critical member of the Cybersecurity and Operational Technology (OT) team, responsible for securing industrial control systems and manufacturing environments. This role focuses on OT security monitoring, threat detection and incident response, vulnerability management, and secure implementation of cybersecurity controls across plant operations.

 

The analyst will leverage hands-on experience in manufacturing environments, working directly with PLCs, embedded systems, industrial networks, and OT-specific security platforms such as Dragos, alongside tools including CrowdStrike and Linux-based systems. This role requires a practitioner who can bridge IT and OT domains, ensuring the availability, integrity, and security of production systems without disrupting operations.

 

This is a remote position with travel required to manufacturing facilities primarily in North America, with occasional travel to Europe and South America.

Responsibilities

Position Duties and Responsibilities:

  • OT Security Monitoring & Incident Response:
    Monitor industrial networks, control systems (SCADA, PLCs), and plant environments for cyber threats and anomalies. Investigate alerts generated by tools such as Dragos and CrowdStrike, and coordinate incident response actions including containment and recovery with plant operations teams.
  • Threat Detection & OT Risk Analysis:
    Identify threats targeting industrial control systems by analyzing OT network traffic, device behavior, and threat intelligence. Perform root cause analysis of incidents impacting manufacturing environments.
  • OT Vulnerability Management:
    Assess vulnerabilities across OT assets including PLCs, HMIs, and embedded systems. Partner with engineering and plant teams to prioritize remediation activities that minimize production risk.
  • Industrial Control Systems (ICS) Security:
    Support the design, implementation, and maintenance of secure architectures for PLCs, DCS, and embedded systems. Ensure adherence to segmentation, least privilege access, and secure communication protocols within plant environments.
  • Tool Administration & Optimization:
    Deploy, maintain, and optimize OT and endpoint security platforms including Dragos, CrowdStrike, and Linux-based monitoring tools. Tune detection rules and alerts to reduce false positives and improve threat visibility.
  • Network Segmentation & Plant Security Controls:
    Assist in implementing network segmentation strategies between IT and OT environments. Validate firewall rules, remote access controls, and secure vendor connectivity into plant networks.
  • Collaboration with Manufacturing & Engineering Teams:
    Work closely with plant managers, controls engineers, and IT teams to integrate cybersecurity controls into manufacturing processes without impacting uptime or throughput.
  • Security Policy, Compliance & Standards:
    Ensure OT security practices align with frameworks such as NIST Cybersecurity Framework (CSF), ISA/IEC 62443, and internal company cybersecurity policies. Support audits and risk assessments specific to manufacturing operations.
  • Continuous Improvement & Threat Intelligence: Stay current on emerging OT threats and vulnerabilities. Contribute to improving the organization’s overall OT security posture through new controls, tools, and best practices.

 

Qualifications

Education and/or Work Experience Requirements:

 

  • Education:  Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or related field preferred (or equivalent experience)
  • Experience:
    • 3–7 years of experience in cybersecurity, with direct experience in OT/ICS environments within manufacturing required
    • Proven experience implementing cybersecurity controls in industrial or production environments
    • Hands-on experience supporting plant operations or working with controls/automation teams is strongly preferred
  • Technical Skills:
    • Strong understanding of OT networks, industrial protocols (Modbus, OPC, Ethernet/IP), and control systems architecture
    • Hands-on experience with:
      • PLCs and embedded systems
      • Dragos or similar OT security platforms
      • CrowdStrike or equivalent endpoint detection tools
      • Linux environments and scripting
    • Familiarity with network segmentation, firewalls, and remote access in OT environments
    • Understanding of IT/OT convergence risks and mitigation strategies
  • Certifications (Preferred):
    • GICSP (Global Industrial Cyber Security Professional)
    • CISSP, CISM, or equivalent
    • Vendor-specific certifications (CrowdStrike, Dragos) a plus
  • Skills:
    • Strong analytical and troubleshooting skills in complex operational environments
    • Ability to communicate effectively with both technical teams and plant operations personnel
    • Ability to balance security requirements with operational uptime and safety priorities
    • Self-driven with ability to work independently in a remote environment
  • Work Environment & Travel Requirements:

    • Remote-based role with expected travel:
      • North America manufacturing sites: primary travel (approximately 25–40%)
      • International travel (Europe & South America): occasional, project-based
    • Must be comfortable working in industrial plant environments, including production floors when required

 

The standard compensation for this role is $128,400 - $192,600. Salary offers will be determined based on final candidate qualifications, experience, skillset, and other relevant factors.

Compensation Statement

The expected salary range for the position described in this posting is made in accordance with the legal mandates of certain jurisdictions within the United States. The final agreed-upon compensation is based on individual qualifications and experience.

Benefits Statement

Benefits include medical, dental, vision and basic life insurance. Employees are able to enroll in the company’s 401K Employee Saving Plan and may participate in its Employee Wellness Program. Employees will also receive paid time off in accordance with company policy and state law requirements.

EEO Disclaimer

Graham Packaging is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, sex (including pregnancy), sexual orientation, religion, creed, age, national origin, physical or mental disability, gender identity and/or expression, marital status, veteran status or other characteristics protected by law.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed