OT Security Consultant
Full Time
Bengaluru
Posted 1 year ago
Experience:
- Minimum 5 years of working experience in Cyber Security Consulting or Advisory in Risk Assessment, BCP/DR, Data Privacy.
- Minium 5 years of hands-on experience in IoT and OT security consulting and Advisory in Risk Assessment.
- Successfully delivered at least 2 (two) Cyber Security consulting projects as consultant in recent years (2 years).
- Good understanding on the Purdue model, PLC, SCADA, ICS, ISA/IEC 62443, COBIT and ISO 27001, NIST, PCI-DSS standards
Education & Certification:
Bachelor’s degree is required.
Preferred Certification (VALID):
- CRISC
- ISA/IEC 62443
- GRID
- GICSP
- CISSP
- Cisco CCENT/CCNA
Responsibilities
Below will be the scope of the role.
- Assess security architecture.
- Risk assessment, analysis, and recommendation.
- Auditing.
- Business impact & privacy analysis.
- Security compliance, governance audits
- ICS/OT environment Compliance assessment
- Prepare security policy, framework, guidelines.
- Advisor to Senior Management on Business Continuity, Risk Management program
- Technical documentation.
- Prepare remediation plan and execution of plan.
Knowledge and Skills
- General understanding of Cyber security frameworks and standards such as ISO, NIST CSF, CIS, and MITRE ATT&CK, OWASP 10, SANS 25.
- Moderate to High level understanding of IT-OT convergence, Purdue Model, IDMZ concepts, network technologies, systems, and concepts.
- Good knowledge of industrial communication protocols and technologies from main vendors.
- Hands on experience on anomaly detection tools in the ICS/OT environment.
- Good skill on correlation of data and remediation of any misconfigurations.
- Knowledge of OT asset & vulnerability management. Work with OT asset owners to remediate asset or vulnerability issues.
- hands-on experience and knowledge of ICS / SCADA System Security (design, controls)
Experience on OT monitoring technologies - Hands on experience on Wireshark PCAPs, IDS, IPS
- Experience in troubleshooting industrial protocols such as OPC, Modbus TCP, HART etc
- Experience in incident handling and response system SIEM & SOAR
- Cloud Security Trust, Assurance & Governance
- Audit Automation
- Service Organization Control (SOC1, SOC2) Audit & Compliance
- Software Security Framework (e.g., BSSIM, OWASP SAMM)
- Excellent written & verbal communication and analytical skills.
- Good documentation skills.
- Good problem-solving skills.
Candidate selection guide for screening:
- Priority1: Primary skill as IoT/OT secondary skills are IT Risk Management, Compliance Management, BCP/DR
Job Features
| Job Category | IT |
| Experience | 6 - 10 Years |
| Skills | Cyber Security |
| Primary skills | IOT / OT Security Consulting |
| Education | Any Graduate |
| Openings | 10 |