Senior OT Security Consultant

Job description

Founded in 2012, Applied Risk is a well-recognised and respected leader in the Operational Technology (OT) Security space. We have managed to successfully grow the company to over 25 people today, with clients spread across 4 continents: Europe, US, APAC and the Middle East. We are considered a key Cybersecurity player within the Operational Technology industry. We’re helping businesses to protect assets and reduce security risk, providing organisations ranging from Fortune 500 enterprises to small-to-medium sized companies with the services and solutions they need to transform the way they procure, build, integrate and manage their critical infrastructures.

Our key mission is to help our clients to mitigate and defend against cyber threats. Our culture is based on the values of work ethic, keeping promises, safety, curiosity and collaboration. We built a vibrant company culture we believe everyone wants to work in. We trust our employees and empower them to do great things and use good judgement to make decisions on behalf of Applied Risk and for our clients.

The role:

As we are planning to double in size in the coming year due to our healthy expansion plans and the huge increase of our client base, we’re currently growing our OT Security capability globally. In the light of this, we’re urgently looking for a Senior OT Security Consultant, to be based at our HQ in Amsterdam. We’re looking for someone with senior experience in Critical Infrastructure sectors, such as Power, Oil & Gas, Water, Transportation, Manufacturing, Food etc. including experience in a variety of Cyber security disciplines like:

  • Industrial Automation and Process Control
  • Enterprise, IT and OT cyber security
  • Industry regulations including IEC 62443, NIST SP800 and other industry standards and regulations
  • Smart Grids and Digital Oilfields

You have:

  • Bachelor’s or Master’s degree in Computer Engineering, Electrical Engineering, Computer Science or a related technical field
  • Minimum of 6+ years’ work experience in Operational Technology Security
  • Proven experience in performing control systems risk assessments, and security awareness training for systems operators, owners and vendors
  • Knowledge of operational impact analysis workshops and technical trade–off studies against SCADA, PLC and DCS architectures, and associated industrial communication protocols
  • Expertise on developing OT security programs, and securing OT network architecture
  • Ability to present technical design proposals and reports to customers and/or other senior engineering, management and government groups in clear, complete, concise and non–ambiguous terms
  • Excellent presentation, written and verbal communication skills; ability to clearly communicate and have excellent consulting skills
  • Ability to manage and mentor a small team of Security consultants
  • Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
  • Perform presales activities (e.g. proposals, presales calls, RFP responses)
  • Ability to interact with high profile clients
  • CISSP, GICSP, CISM or CFSE/CFSP certification
  • Fluent language skills in English and preferably in Dutch
  • Willingness to travel for approx. 20% of your time

Applied Risk works with clients that are related to critical infrastructure. A qualified candidate must be able to pass a screening background check.

What we offer:

  • A competitive compensation
  • The chance to work with the best cybersecurity people in the world
  • Work on International assignments
  • Learning and development opportunities, attending conferences, events etc.
  • Be part of a diverse and vibrant international environment
  • Our “thirsty Thursdays” as social activity including movies, pizza, drinks, bar visits
  • “Quarterly” team events

Job requirements

  • Experience with operational technologies such as Remote Terminal Units (RTUs), Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS) and SIS
  • Experience with major industrial systems such as Emerson, Yokogawa, Honeywell, GE, ABB, Siemens etc.
  • Fundamental understanding of IT and OT network communication protocols (For example: TCP/IP, UDP, OPC, IEC 101/104, Modbus, IEC 61850, WirelessHART, ISA100
  • Active participation in design concepts and implementation strategies for various SIS, PLC and DCS systems to guarantee practical implementation of security standards
  • Understanding of contemporary and legacy security technologies used within a particular domain, such as Firewalls, IDS/IPS, Diodes, SIEM
  • Strong knowledge of networking technology (e.g. routers, switches, firewalls)
  • Comprehend the customer’s business environment and suggest fit for OT security solutions
  • Background in a CNI domain, e.g. transport, energy, utilities, defence or other heavy industry