Senior Security Engineer - Operational Technology
Description
GuidePoint Security is looking for highly skilled OT security professionals for upcoming commercial projects. GuidePoint Security’s OT service offerings are perpetually evolving in response to emerging threats and diverse client needs. We are growing and are looking to hire a Senior OT Security Engineer with an in-depth understanding of securing Operational Technology (OT). Knowledge of OT, ICS, SCADA, IIoT, network architecture, and industrial cybersecurity design is required.
Role Requirements
Deliver OT security engineering services, including, but not limited to: deployment of OT security tools, health-checks of existing OT security tools, working with clients and vendors to make configuration changes as needed to OT solutions, and OT security architecture assessments
Author comprehensive services deliverables that are proficiently tailored to both technical and managerial audiences, and fully detail the technical execution, core deficiencies, business impact, and realistic remediation strategies
Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the OT security industry
Foster strong client relationships and represent GuidePoint well by providing interactive and collaborative support, information, and guidance to ensure delivery of maximum value
Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company
Collaborate with a wide range of departments to improve our OT service offerings to align with the SANS Five ICS Critical Control
Education, Credentials, and Experience
Knowledge of the Purdue Model Framework and PERA architecture
Minimum of five-seven (5-7) years of experience performing security services related to OT
Minimum of five (5) years of experience architecting, designing, deploying, or using OT Security tools, such as Claroty, Dragos, Forescout, Nozomi, Tenable OT, or others; vendor certifications for deployment a plus
Over seven+ (7+) combined years of OT network architecture and security design experience is strongly preferred
Operational Technology Penetration Testing (OTPT) experience is preferred
SANS Global Industrial Cyber Security Professional (GICSP) or GIAC Response and Industrial Defense (GRID) certification is preferred
Knowledge of ISA/IEC 62443, NIST, SANS ICS Critical Controls, TSA Directives, and other OT best practice security frameworks is preferred
Desired Knowledge, Skills, and Abilities
While it may not be feasible to satisfy every desired attribute listed below perfectly, the OT Security Consultant is expected to possess the vast majority of these attributes:
Able to be lead engineer as technical oversight
Able to assist in OT project scoping and pre-sales activities as needed
May need occasional assistance from a senior team member during report review meetings when describing more complex scenarios
Writes strong reports that typically require only minor re-writing/edits before delivery to clients
Performs tasks in a timely manner (e.g., timesheets, reports, weekly status reports) and can communicate issues efficiently if any arise
Ability to speak at conferences and author Whitepapers/Case Studies as needed
Ability to handle tricky client/project situations with assistance from senior team member
Strong knowledge of OT related attacks, tactics, and techniques
Senior Security Engineer - Operational Technology
Description
GuidePoint Security is looking for highly skilled OT security professionals for upcoming commercial projects. GuidePoint Security’s OT service offerings are perpetually evolving in response to emerging threats and diverse client needs. We are growing and are looking to hire a Senior OT Security Engineer with an in-depth understanding of securing Operational Technology (OT). Knowledge of OT, ICS, SCADA, IIoT, network architecture, and industrial cybersecurity design is required.
Role Requirements
Deliver OT security engineering services, including, but not limited to: deployment of OT security tools, health-checks of existing OT security tools, working with clients and vendors to make configuration changes as needed to OT solutions, and OT security architecture assessments
Author comprehensive services deliverables that are proficiently tailored to both technical and managerial audiences, and fully detail the technical execution, core deficiencies, business impact, and realistic remediation strategies
Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the OT security industry
Foster strong client relationships and represent GuidePoint well by providing interactive and collaborative support, information, and guidance to ensure delivery of maximum value
Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company
Collaborate with a wide range of departments to improve our OT service offerings to align with the SANS Five ICS Critical Control
Education, Credentials, and Experience
Knowledge of the Purdue Model Framework and PERA architecture
Minimum of five-seven (5-7) years of experience performing security services related to OT
Minimum of five (5) years of experience architecting, designing, deploying, or using OT Security tools, such as Claroty, Dragos, Forescout, Nozomi, Tenable OT, or others; vendor certifications for deployment a plus
Over seven+ (7+) combined years of OT network architecture and security design experience is strongly preferred
Operational Technology Penetration Testing (OTPT) experience is preferred
SANS Global Industrial Cyber Security Professional (GICSP) or GIAC Response and Industrial Defense (GRID) certification is preferred
Knowledge of ISA/IEC 62443, NIST, SANS ICS Critical Controls, TSA Directives, and other OT best practice security frameworks is preferred
Desired Knowledge, Skills, and Abilities
While it may not be feasible to satisfy every desired attribute listed below perfectly, the OT Security Consultant is expected to possess the vast majority of these attributes:
Able to be lead engineer as technical oversight
Able to assist in OT project scoping and pre-sales activities as needed
May need occasional assistance from a senior team member during report review meetings when describing more complex scenarios
Writes strong reports that typically require only minor re-writing/edits before delivery to clients
Performs tasks in a timely manner (e.g., timesheets, reports, weekly status reports) and can communicate issues efficiently if any arise
Ability to speak at conferences and author Whitepapers/Case Studies as needed
Ability to handle tricky client/project situations with assistance from senior team member
Strong knowledge of OT related attacks, tactics, and techniques