Close

Principal Incident Response Consultant

Jalal Bouhdada

Founder & CEO

Having led Applied Risk since he founded the company in 2012, Jalal is responsible for Applied Risk’s industrial security services and product development. Jalal has led many complex ICS cyber security projects for major global clients, including some of the world’s largest industrial companies and utilities. As a global thought-leader on industrial control systems security and critical infrastructure protection, Jalal is an active member of several professional security societies and has co-authored ICS security best practice guidelines for ENISA and the ISA 99. He also frequently lectures to private and public audiences around the world.

Job Description

Applied Risk is an established leader in Industrial Control Systems security. We help businesses to protect assets and reduce security risk, providing organisations ranging from Fortune 500 enterprises to small-to-medium sized businesses with the services and solutions they need to transform the way they procure, build, integrate and manage their critical infrastructures. Established in 2012, we have quickly grown to become a major cybersecurity player within the Industrial Automation and Control Systems (IACS).

We are expanding our Industrial Control Systems (ICS) and Industrial Internet (IIoT) security capability globally in order to support growing clients needs in this area. We are looking for Industrial Control Systems Security Consultant with strong experience in critical infrastructure sectors (Power, Oil&Gas, Transportation, Water, Manufacturing etc.) and a variety of cyber security disciplines.

Key Responsibilities

  • Leveraging triage skills and a variety of Digital Forensic and Threat Analysis tools when responding to client incidents
  • Providing our clients with ongoing support post-incident and providing detailed briefings and reports to executive leadership
  • Assessing intrusion signatures, tactics, techniques, and procedures associated with sophisticated cyber breaches
  • Perform host and/or network-based forensics across ICS/SCADA systems
  • Conduct red-team, penetration testing activities by leveraging actual adversary TTPs
  • Assess and develop information security and incident response programs in a proactive fashion to help mature the security posture of organizations prior to an incident
  • Lead incident response and proactive engagements
  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management
  • Demonstrate industry thought leadership through blog posts, conferences, and other public speaking events
  • Manage internal programs or teams.

Desired Skills & Experience

  • Experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hactivists
  • Experience leading client engagements and investigations
  • Experience with operational technologies such as Remote Terminal Units (RTUs),
  • Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS) and SIS
  • Fundamental understanding of IT and OT network communication protocols (For example: TCP/IP, UDP, OPC, IEC 101/104, Modbus, IEC 61850, WirelessHART, ISA100 etc.)
  • Background in a CNI domain, eg transport, energy, utilities, defence or other heavy industry.

Degrees & Qualifications

  • 5-10 years of Digital Forensics or Host-based Forensic Analysis Experience
  • Excellent consulting and communication skills
  • Good interpersonal skills and a professional image
  • Contributing thought leader within the incident response industry
  • Ability to foster a positive work environment and attitude.
  • Ability and willingness to travel, up to 50%
  • OSCP/OSCE, or GCFA, GREM certification
  • Bachelor’s or Master’s degree in Computer Engineering, Electrical Engineering, Computer Science or a related technical field
  • Fluent in Dutch and English.

Send an application .

Apply for this job

Thank you for your submission!