Cyber Security Jobs

Trending

• Job Identification 21985
• Job Category Professional Services
• Posting Date 01/29/2026, 09:04 AM
• Job Schedule Full time

Role & Mission

As an OT Cybersecurity Lead Consultant (Professional Services), your role and mission is to support our partners and asset owners through their digital transformation by delivering pragmatic OT cybersecurity assessments, architectures, and roadmaps that protect evolving OT/ICS environments, without compromising safety, availability, or operations.

You will lead engagements to identify "crown jewel" assets, design robust security architecture based on IEC 62443, and deliver actionable roadmaps that balance rigorous security controls with the realities of 24/7 plant operations.

Key Responsibilities

• Lead end-to-end OT cybersecurity consulting engagements, from initial discoveries through architecture definition and roadmap delivery
• Performing initial and detailed risk assessments for ICS environments to identify threat scenarios, crown jewels, and business-relevant risks
• Perform network architecture and system architecture reviews to provide a clear and comprehensive overview of the OT network and its components, understand its structure and functions, identify potential vulnerabilities, design gaps, and make informed decisions about its management and security.
• Conduct interview-based assessments with engineering, operations, IT, and safety stakeholders.
• Provide support in determining Target Security Levels (IEC 62443) per zones and conduits based on the threat modeling, operational impact, and asset criticality.
• Translating risk assessment findings into actionable technical requirements for engineering teams.
• Act as the trusted bridge between CISOs, engineering leaders, and plant operations, translating cyber risk into operational impact and vice versa.
• Support Sales teams by contributing to RFPs, statements of work, and service scoping for OT/ICS cybersecurity engagements.
• Support programs aimed at growing OT enabled Services partners per Fortinet professional services framework.

Technical Skills & Knowledge

• Ability to design OT security architectures that prioritize availability, safety, and recoverability over pure prevention
• Ability to understand ICS/OT network architectures, regardless of the technology, and perform a detailed technical review.
• Deep understanding of the Purdue Reference Model (ISA-95) and how IT/OT and cloud convergence reshape the OT attack surface.
• Ability to apply OT specific risk methods (e.g., Bowtie) in a cybersecurity context.
• Expertise in Zones and Conduits (IEC62443) design to ensure network segmentation effectively isolates critical assets.
• Knowledge of OT specific threat actors and tactics (e.g.: MITRE ATT&CK® for ICS).
• Understanding OT standards and guidelines, such as IEC62443, ISA-TR-84.00.09 and NIST SP 800-82.
• Understanding the relationship between Functional Safety (IEC 61508/61511) and Cybersecurity (IEC 62443).
• Knowledge of Industrial Control Systems (ICS) and architecture design (preferably ABB, Allen Bradley (Rockwell Automation), Schneider Electric or Siemens).
• Understanding technologies such as NGFW, IDS, IPS, SIEM and others; and how they are deployed in an OT environment to implement a defense-in-depth strategy.
• Familiarity with active and passive monitoring tools (e.g.: Nozomi Networks, Dragos, Claroty, Tenable) to collect data from asset-owners OT networks.
• Ability to interpret OT specific CVEs and their impact on PLCs, RTUs, HMIs and others.
• Ability to perform a site walkdown for physical assessment.
• Ability to select and position monitoring and protection technologies appropriately within an OT architecture.
• Demonstrate expertise in establishing ICS/OT Cybersecurity Governance Framework such as ability to review existing and design new organizational policies and procedures, RACI and others.
• Knowledge of Fortinet products with a NSE4 certification on Secure Networking would be a plus.

Required Qualifications & Experience

• Experience delivering consulting engagements in live production environments with strict uptime and safety constraints.
• Experience: 10+ years in OT/ICS environments (e.g.: Utilities, Manufacturing, Oil & Gas, Transportation) including brownfield industrial sites.
• Experience: 5+ years in consulting/risk management.
• Experience with PLC/HMI/SCADA/DCS/SIS such as programming, architecture design, FAT, SAT commissioning process, or discrete automation.
• Certifications (Preferred):
• ISA/IEC 6243 Cybersecurity Risk Assessment Expert
• GICSP (Global Industrial Cyber Security Professional)
• C ertified Information Systems Auditor (CISA) with industrial experience
• Education: B.S. in Electrical Engineering, Mechanical Engineering, Computer Science, or a related field.

Soft Skills

• Proficiency in writing technical reports.
• Strong command of English.
• Ability to deliver high-level presentations to non-technical stakeholders. E.g.: C-Level Executives
• Experience in managing IT vs OT friction.
• Basic project management skills (schedule, scope of work, etc.).
• Proven ability to work independently as well as in a team in a collaborative environment. Ability to elicit cooperation from a wide variety of sources, including management, clients, and other departments.

Travel Requirements

Expect traveling up to 30% of the time within the gulf region.

What Success looks like

• Your work translates into sustained customer engagement and measurable contribution to OT Professional Services’ outcomes.
• Achieving high Customer Satisfaction (CSAT) rating.
• Earning the ‘Trusted Advisor’ status from partners and asset owners.
• Being recognized as Subject Matter Expert (SME) at Fortinet.
• CISO teams and plant leaders align faster because of your work.
• Security improvements are measurable without disrupting operations.

Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 615,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone.