Senior Consultant Kudelski Security (OT Security)
Location
Cwmbran, Torfaen | United Kingdom
Job description
With more than 3200 employees worldwide, 32 locations around the world and 4 business units, the Kudelski Group offers endless opportunities for people to start new journeys, grow and succeed.
SHAPE THE FUTURE WITH US!
Senior Consultant Kudelski Security (OT Security)
Stimulating. Motivating. Challenging.
Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their assets at a time of increasingly remote communications.
Mission
The Digital Infrastructure & Endpoint Protection practice is the home base of a growing number of advisors that can deliver OT/ICS/DCS/SCADA related engagements. The EMEA OT Consultant is a crucial member of our Kudelski Security Advisory team working closely and reporting to the Digital Infrastructure & Endpoint Protection practice lead, and ultimately reporting to Technical Practice Lead.
Responsibilities
Your Responsibilities will be to:
- Performs cybersecurity & vulnerability criticality assessment of the OT systems & Categorize the risks
- Benchmarks the cybersecurity system state as per ISA/IEC 62443 / NIST
- Identifies the gaps to reach desired SL level and Recommend the mitigation actions as per the assessment
- Understands the frameworks and recommends applicable controls specific to the environment and systems
- Develops Audit reports
- Identifies the gaps and coordinate with the stakeholders for closure
- Experience in planning the audit and assessment activities
- Perform the hardening of the OT systems and network
- Liaises with the OT asset owners for implementation activities and site planning for performing these activities
- Performs risk assessment of the implementation activities and identify the mitigation measure for smooth implementation on site
This role involves
- Assisting the development of Proposals and Statement of Works (SOW) in close collaboration with the sales and pre-sales team, and other advisory team members working as one team
- Working closely with the rest of the advisory team to deliver consistent outcomes across regions acting as one team
- Working collaboratively with other BU’s and divisions inside of Kudelski Security
- Develop and maintain strong relationships with KS colleagues and the KS clients, contributing to a positive culture of change and innovation
- Develop and maintain strong relationships with KS clients
Requirements / Profile
You are
- Very good knowledge of security principles and firm knowledge of cybersecurity technologies, as well as industry-recognized certifications, such as - CISSP, CISM, CISA, CEH, GICSP, IEC 62443, etc.
- Experienced with security engineering principles, various cybersecurity assessment methodologies, security control implementation, and validation, and system life-cycle practices
- Able to demonstrate you have advanced knowledge of networks and control systems utilized by critical infrastructure sectors, is preferred
- Able to demonstrate you understand business principles and operational security practices specific to engineering and/or security consulting
- Proven knowledgeable with industry good practice, such as IEC 62443 (3-3, 3-2), NIST CSF, NIST 800-82r2, ONG-C2M2, NERC-CIP
- Experienced with physical cabling for network communications and control system input/output
- Knowledgeable with - Security, Orchestration, Automation & Response (SOAR) solutions- OT asset inventory w/ change detection solutions- Vulnerability Management solutions- Identity and Access Control solutions- Zero Trust Security solutions- OT network & communications monitoring solutions+ Knowledge of the Purdue model (ISA95)
- Knowledgeable with - Cybersecurity controls, specifically those relating to firewalls, identity, and access control, authentication, and authorization, anti-virus/anti-malware, patch management, network, and system hardening, SIEM implementation, and/or tuning, and logging
- Knowledge with legacy and modern computer networking and telecommunications
You have
- Minimum of bachelor’s degree in a technical field
- 3+ years of industrial cybersecurity experience
- Additional applicable years of experience may be considered in lieu of degree requirements
- Cybersecurity, Industrial Cybersecurity, Cyber-Physical Systems, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experience
- Control systems from a wide range of vendors (PLC, DCS, SCADA)
- Preferable training/certifications in any of these ISA 62443, CISSP, GIAC, ICS-CERT, or SANS
- Strong written and oral communication skills
- Strong analytical and critical thinking skills
- Ability to operate under pressure and under tight deadlines, to operate onsite within industrial, corporate, and government work settings
- Ability to present complex technical issues and their impact in an easy-to-understand manner
- Must have Effective Written/Verbal Communication Skills in English and other European language
Reference: 14412
Publication Date: 01-02-2024
If you love the challenge as much as the rewards and are ready to take your career to the next level, apply today.
#J-18808-Ljbffr
Job tags
Salary