Senior Consultant, Cybersecurity - Operational Technology & Industrial Control Systems

At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

Our Cyber Security team is seeking a highly skilled Senior Consultant specializing in Operational Technology (OT) and Industrial Control System (ICS) Security. Join a dynamic and innovative team where you will help organizations secure their industrial environments, mitigate cyber risks to critical infrastructure, and ensure compliance with leading standards such as ISA/IEC 62443.

As a Senior Consultant, you will collaborate with clients across sectors like energy, manufacturing, utilities, and transportation to assess, design, and implement tailored security solutions for their OT and IC environments.

• Conduct OT/ICS cyber risk and maturity assessments leveraging frameworks including ISA/IEC 62443, NIST SP 800-82, and industry best practices.
• Develop, evaluate, and implement cybersecurity strategies, governance frameworks, and target operating models specifically for industrial environments.
• Draft and support the implementation of OT/ICS cybersecurity roadmaps, including gap analysis and remediation planning. Perform control testing to assess the design, implementation, and effectiveness of security controls within OT/ICS environments.
• Facilitate the integration of cybersecurity controls into industrial processes, supporting secure architecture design and network segmentation initiatives.
• Develop cybersecurity policies, standards, and guidelines and deliver OT/ICS cyber awareness and training programs for plant operators, engineers, and technical staff.
• Stay current with emerging threats, vulnerabilities, and regulatory requirements impacting OT/ICS environments.

• 3–5 years of experience working on cybersecurity projects or activities, with a strong focus on operational technology and industrial control systems.
• Bachelor’s degree in computer science, engineering, information security, or equivalent technical training (preferred).
• Demonstrated experience implementing and auditing against the ISA/IEC 62443 standards and/or other leading frameworks such as NIST SP 800-82, NERC CIP, ISO 27001/27019 for industrial automation and control systems.
• Strong technical understanding of industrial protocols (Modbus, DNP3, OPC, etc.), SCADA, PLCs, and network architectures.
• Strong written and verbal communication skills, able to collaborate and present effectively to stakeholders ranging from plant personnel to senior executives.

Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice.

At KPMG, we are committed to fostering an inclusive recruitment process where all candidates can be themselves and excel. We aim to provide a positive experience and are prepared to give you adjustments or accommodations to help you perform at your best. Adjustments (informal requests), such as extra preparation time or the option for micro breaks during interviews, and accommodations (formal requests), such as accessible communication supports or technology aids, are tailored to individual needs and role requirements. You will have an opportunity to request an adjustment or accommodation at any point throughout the recruitment process. If you require support, please contact KPMG’s Employee Relations Service team by calling 1-888-466-4778.