OT Penetration Tester
1511166
Posted: 28/06/2024
- £Competitive
- City of London
- Permanent
- Enterprise Security
- Cyber Security
We are seeking an experienced OT Penetration Tester to conduct comprehensive security assessments of industrial control systems (ICS), SCADA systems, and other critical infrastructure components.
The ideal candidate will have in-depth knowledge of OT systems, protocols, and cybersecurity best practices, along with strong ethical hacking and risk assessment skills.
Key Responsibilities:
- Conduct thorough penetration testing of OT environments, including PLCs, RTUs, HMIs, and DCS.
- Identify and exploit vulnerabilities in OT protocols such as Modbus, DNP3, OPC, and Profinet.
- Perform risk assessments to evaluate the potential impact of security breaches on critical infrastructure.
- Develop and execute detailed penetration testing plans, methodologies, and scripts tailored for OT systems.
- Collaborate with OT engineers, IT professionals, and other stakeholders to understand system architectures and identify security weaknesses.
- Document and present assessment findings, along with actionable recommendations for remediation, to stakeholders.
- Stay updated on the latest OT security threats, vulnerabilities, and attack techniques.
- Adhere to ethical and professional standards, ensuring the safety and reliability of critical infrastructure systems.
Qualifications:
- Relevant certifications, such as GICSP, GIAC Cyber Security OT, CSSA, CISSP, ISA/IEC 62443, CEH, CSSP, CAP, or OSCP.
- Proven experience in conducting penetration tests on OT/ICS environments.
- Strong understanding of OT systems, including PLCs, RTUs, HMIs, and DCS.
- Proficiency in OT protocols such as Modbus, DNP3, OPC, and Profinet.
- Excellent risk assessment and vulnerability analysis skills.
- Effective communication skills for documenting findings and presenting reports.
- Commitment to continuous learning and staying updated on emerging OT security trends.
Preferred Qualifications:
- Advanced certifications in OT security.
- Experience with specific industrial sectors (e.g., energy, manufacturing, water treatment).
- Familiarity with regulatory standards such as NIST SP 800-82 and IEC 61850.
Benefits:
- Competitive salary and performance-based bonuses.
- Comprehensive benefits package, including health insurance.
- Professional development opportunities and support for continuous learning.
- Flexible work hours and remote work options.
- Collaborative and innovative work environment.
If you are interested inthis opportunity, we encourage you to apply today!
Zack Mount
Head of Network Security (EMEA)