Principal OT Security Consultant Middle East
Your Key Responsibilities will include but not limited to:
Description
Role Overview:
Apply proven knowledge of cybersecurity and industrial equipment and processes to help develop and drive strategies that enable clients to secure their OT/ICS networks, drive down cyber risks, and design and propose appropriate OT cybersecurity solutions. Facilitate/conduct interviews with business and technology leaders, key client stakeholders, and support engagement managers to develop strategies and present findings. Perform various activities, including cyber security program management, conducting cybersecurity workshops or performing security assessment activities, which may include physical security walk-downs, observations, technical configuration reviews, and conducting client personnel interviews.
Actively participate in engagements, conducting, contributing and leading meetings with clients in the capacity of a cybersecurity program director/subject matter expert, lead consultants and security analysts appropriately in projects. Supporting business development activities including creating approaches and methodology, proposal writing, and direct support in presenting to potential clients. Taking on responsibility for the day-to-day running of the engagement deliverables including meeting quality and time targets.
Basic Qualifications:
- 10+ years of experience in OT/ICS cybersecurity
- Proven experience performing OT/ICS cybersecurity functions, including risk management, vulnerability assessments, security assessments, and strategy and program development
- Proven expertise in developing OT security programs, securing OT/ICS network architecture
- Proven ability to establish, maintain and grow work relations with clients
- Proven ability to conduct and support sales-related activities
- Proven leadership skills with ability to direct a team and achieve results on schedule
- Proven knowledge of security systems/products, including firewalls, intrusion detection, anti-malware software, authentications systems, log management, and content filtering
- Proven knowledge of cybersecurity tools, network topologies, intrusion detection and secured networks
- Proven ability to develop strategies and present them to senior-level audiences in a persuasive and effective manner
- Proven ability to meet deadlines, multi-task, and thrive in a dynamic, high-intensity environment
- Proven ability to create cybersecurity documentation, including security policies, procedures, work instructions, diagrams and plans
- Proven ability for managing, mentoring and coaching a team
- Bachelor’s or Master’s degree in Computer Engineering, Electrical Engineering, Computer Science or a related technical field
- Be professional, operate to high standards and be a committed team player
- Be confident and effective in recognising and managing potential issues during client engagements
- Take a practical approach to solving issues and gaining trust and agreement
- Excellent verbal communication, presentation and written skills
- Fluent language skills in English
- Ability and willingness to travel
- Proven experience with securing OT network architecture across the Purdue reference model.
- Proven experience with systems security engineering, design engineering, security tests and evaluations, and risk assessments for ICS, DCS, SCADA or other OT systems
- Proven experience with common industrial network protocols, including Serial, Modbus, Profibus and EthernetIP
- Proven experience with IEC 62443, ISO 27001, NIS 1 / NIS 2, NIST SP 800-82, NERC CIP or other industrial control frameworks and regulations
- Proven experience with analysing vulnerability and security risk assessment tool results
- Proven as an industrial automation/controls engineer or similar
- Proven of automation or control systems programming software is desirable
- Proven experience in OT security solution design, deployment and management experience are desirable
- CISSP, GICSP, CISM or CFSE/CFSP certifications are desirable