Applied Risk is an established leader in Industrial Control Systems security. We help businesses to protect assets and reduce security risk, providing organisations ranging from Fortune 500 enterprises to small-to-medium sized businesses with the services and solutions they need to transform the way they procure, build, integrate and manage their critical infrastructures. Established in 2012, we have quickly grown to become a major cybersecurity player within the Industrial Automation and Control Systems (IACS).
We are seeking to expand our Industrial Control Systems (ICS) and Industrial Internet (IIoT) security capability globally in order to support growing clients needs in this area. We are looking for Industrial Control Systems Security Consultant with strong experience in critical infrastructure sectors (Power, Oil&Gas, Transportation, Water, Manufacturing etc.) and a variety of cyber security disciplines including:
- Industrial Automation and Process Control
- Enterprise, IT and OT cyber security
- Industry regulations including IEC 62443, NIST SP800 and other industry standards and regulations
- Smart Grids and Digital Oilfields.
- Perform control systems risk assessments, and security awareness training for systems operators, owners and vendors
- Conduct perational impact analysis workshops and technical trade–off studies against SCADA, PLC and DCS architectures, and associated industrial communication protocols
- Develop industrial control systems security programs, and securing IACS network architecture
- Present technical design proposals and reports to customers and/or other senior engineering, management and government groups in clear, complete, concise and non–ambiguous terms.
Desired Skills & Experience
- Experience with operational technologies such as Remote Terminal Units (RTUs), Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS) and SIS.
- Experience with major industrial systems such as Emerson, Yokogawa, Honeywell, GE, ABB, Siemens...etc
- Fundamental understanding of IT and OT network communication protocols (For example: TCP/IP, UDP, OPC, IEC 101/104, Modbus, IEC 61850, WirelessHART, ISA100 etc.)
- Active participation in design concepts and implementation strategies for various SIS, PLC and DCS systems to guarantee practical implementation of security standards
- Understanding of contemporary and legacy security technologies used within a particular domain, such as Firewalls, IDS/IPS, Diodes, SIEM
- Strong knowledge of networking technology (e.g. routers, switches, firewalls)
- Must have the ability to quickly master, simplify, and communicate the value proposition of complex subjects to clients
- Comprehend the customer’s business environment and suggest fit for OT security solutions
- Background in a CNI domain, eg transport, energy, utilities, defence or other heavy industry
- Perform presales activities (e.g. proposals, presales calls, RFP responses).
Degrees & Qualifications
- Bachelor’s or Master’s degree in Computer Engineering, Electrical Engineering, Computer Science or a related technical field
- Minimum of two years in industrial control systems security experience
- Excellent consulting and communication skills
- Good interpersonal skills and a professional image
- Ability and willingness to travel 20%+
- CISSP, GICSP, CISM or CFSE/CFSP certification
- Fluent in Dutch and English.