Senior Security Consultant - OT / Industrial Control Systems (ICS)

Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.

About the Job:

We are seeking a highly skilled and experienced Senior Security Consultant OT/ICS to lead and deliver critical security solutions for our clients' operational technology and industrial control systems. This role is pivotal in safeguarding critical infrastructure and ensuring the resilience of our clients' operations.

The Senior Security Consultant OT/ICS is a senior-level position responsible for working directly with clients to ensure the cybersecurity of their Industrial Automation and Control Systems (IACS) environments. This role requires a deep understanding of industry standards, regulations, and best practices, and the ability to communicate technical information to both technical and non-technical audiences effectively. The Senior Security Consultant will play a critical role in protecting our clients' critical infrastructure from evolving cyber threats by designing, implementing, and maintaining security solutions, performing security assessments, and supporting the identification and mitigation of security vulnerabilities.

• Work directly with clients to design, implement, and maintain security solutions for their IACS environments, adhering to industry best practices and standards (e.g., ISA/IEC 62443).
• Perform security maturity assessments of client IACS environments to identify vulnerabilities and potential threats and develop prioritized mitigation plans.
• Support the identification and mitigation of security vulnerabilities in clients' IACS components, including PLCs, HMIs, and SCADA systems.
• Ensure clients' compliance with relevant regulations and standards (e.g., NERC CIP), and develop and maintain client security documentation, including policies, procedures, and standards.
• Respond to and investigate security incidents related to clients' IACS, and collaborate with clients' engineering, operations, and IT teams to integrate security into IACS design and operations.
• Evaluate and recommend new security technologies and solutions for clients' IACS, with a focus on industry-leading OT/ICS monitoring solutions.
• Maintain a strong understanding of the evolving threat landscape and its impact on IACS security for our clients.
• Support the Sales team for pre-sales activities related to OT and ICS security initiatives.

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, Automation Engineering, or equivalent experience in IACS security, operational technology (OT) security, or a related field.
• 6+ years of experience in IT/OT Security, with at least 3-4 years focused on OT security.
• Strong knowledge of IACS architectures, protocols, and technologies (including networking, Active Directory, and operational technology communication protocols), and OT infrastructure, including control systems and network components.
• Extensive knowledge of industry security standards and frameworks, such as ISA/IEC 62443 and NIST SP 800-82.
• Experience with security assessment tools and techniques for IACS environments.
• Strong analytical and problem-solving skills, with the ability to identify vulnerabilities and potential threats in OT systems, analyse security risks, and propose mitigation strategies for clients.
• Excellent communication and interpersonal skills, with the ability to effectively communicate technical information to both technical and non-technical audiences, including client stakeholders.
• Ability to work independently and as part of a team, often in client-facing situations.
• Familiarity with industry-leading OT and ICS monitoring solutions (e.g., Claroty xDome & Continuous Threat Detection (CTD), Microsoft Defender for IoT, Dragos Platform, Nozomi Networks Guardian).
• Fluency in a second language (French, English) is highly desirable.

Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.

Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.