Construction Contracts and Administration Design and Construction Project Management Environmental Services Facilities and Operations Engineering Facilities Automation and Systems Facilities Customer and Service Management Facilities Operations and Campus Services Facilities Planning and Design Landscape Operations Maintenance Planning and Renovation Services Utilities Operations and Plant Management
Management Professional Supervisory
Penn State Job Catalog
Facilities Automation Systems Security Engineer – Intermediate Professional (PSU0511)
Additional Levels
Additional levels that exist for this job profile can be seen below.
Missing levels within the leveling matrix can be added based on business need.
Job Summary and Representative Duties
The Facilities Automation Systems Security Engineer serves as a subject matter expert in Operational Technology (OT) cybersecurity and is responsible for securing Building Automation Systems (BAS), Supervisory Control and Data Acquisition (SCADA) systems, Laboratory Monitoring Systems, and other facility automation technologies; designs, implements, and maintains cybersecurity controls that protect critical facility infrastructure, operational continuity, and safety-related systems; leads complex cybersecurity initiatives, conducts risk assessments, investigates security incidents, and develops secure architectures for automation and control systems; collaborates with facilities, engineering, information security, and operational teams to ensure compliance with cybersecurity standards, regulatory requirements, and industry best practices, while supporting the reliable operation of mission-critical environments.
- Design, implement, and maintain cybersecurity controls for BAS, SCADA platforms, Laboratory Monitoring Systems, and related OT environments
- Conduct risk assessments, vulnerability analyses, security reviews, and threat modeling activities to identify and mitigate risks to facility automation systems
- Develop and implement secure architectures, network segmentation strategies, defense-in-depth controls, and secure remote access solutions for OT environments
- Monitor OT networks and systems for cybersecurity threats, anomalous activity, and operational risks; investigate and coordinate response to security incidents and system compromises
- Lead system hardening, secure configuration, patch management, and vulnerability remediation efforts for automation servers, controllers, field devices, and supporting infrastructure
- Evaluate, test, deploy, and administer OT cybersecurity technologies, including monitoring, detection, access control, and asset management solutions
- Assess and maintain compliance with applicable cybersecurity frameworks, standards, and regulations, including OT-specific security requirements and best practices
- Develop and maintain security policies, standards, procedures, and technical documentation related to facility automation and control systems
- Perform security audits, configuration reviews, and operational assessments to improve the security posture and resilience of OT environments
- Analyze threat intelligence, emerging vulnerabilities, and industry trends to identify risks and recommend mitigation strategies
- Collaborate with facilities, engineering, safety, and information security teams to integrate cybersecurity requirements into automation projects, system upgrades, and operational processes
- Review vendor solutions, system designs, and contractor activities to ensure compliance with cybersecurity and operational requirements
- Participate in system commissioning, testing, and implementation activities to validate security controls and operational readiness
- Track and support procurement, licensing, budgeting, and lifecycle management activities related to OT cybersecurity technologies and services
- Provide guidance on OT cybersecurity practices, technologies, and risk management strategies
- Prepare and deliver technical reports, risk assessments, recommendations, and briefings for management, project teams, auditors, and other stakeholders
- May supervise staff members, including hiring, development, and performance management
Level Matrix
- Level:
- – Intermediate Professional
- Base Description:
- – Completes activities, tasks, and/or projects of a functional nature.
- Level Summary:
- – Demonstrates ability to perform intermediate tasks in defined skill areas. Demonstrates intermediate knowledge of internal procedures. Works under general supervision, performing assignments that may be varied and sometimes difficult. Supports team decisions and follows through with team responsibilities. Interprets and communicates information clearly and accurately. Demonstrates intermediate problem–solving skills.
- Supervisory Responsibilities:
-
– May serve as direct supervisor for part–time, student, and/or temporary workers or volunteers
- Fiscal Responsibilities:
-
– May validate and pay invoices
- Problem Solving:
-
– Encounters generally routine problems; occasionally faces more complex and/or varied problems
– Typically follows recommended course of action and procedures to resolve problems
– Applies knowledge of larger unit goals, priorities, and related procedures in determining course of action
- Independence of Action:
-
– Work is generally monitored by supervisor
– Detailed instructions and procedures are generally provided
– Uses available guidelines to make appropriate adaptations to routine situations and refers other situations to supervisor
- Communication and Collaboration:
-
– Communicates internally within working unit and/or the University
– May communicate with external audiences
– Collaborates closely with team members
– Interprets and communicates information, ideas and instructions clearly and accurately both verbally and in written materials intended for distribution
Salary Structure
- Comp Grade – 11
- Minimum – $72,300.00
- MidPoint – $90,312.00
- Maximum – $108,444.00