Job Opportunity for OT Security Consultant - Essen, Germany
Firmenname für PREMIUM-Mitglieder sichtbar
- Mai 2024
- Juni 2024
- D-49632 Essen (Oldenburg)
- auf Anfrage
- 08.05.2024
Projekt Insights
Projektbeschreibung
Hello,
Greetings from us !!
Role - OT Security Consultant
Location - Essen, Germany
Onsite/Hybrid: 3 days per week to work from office
Language: English, German is an added advantage
Your working area & responsibilities:
Key Responsibility - A Security Consultant undertakes complex work of a high-risk level, often working on several projects. In this role, you will:
• Interact with senior stakeholders across departments and act as Subject Matter Expert, serving as a consultant and advisor for cybersecurity projects and topics. Provide guidance, coaching and expertise to help the teams design and implement cybersecure.
• Monitor technology trends and the application of new technologies. Master cybersecurity standards and policies to ensure offers are compliant and to influence the direction of standards. Investigate and define next generation security for the world’s critical infrastructure.
• Create innovative concepts and perform feasibility studies (proof of concept) using preferred partner infrastructures.
• Participate with the global (to Customer) Cybersecurity Architecture Committee
• Ensure product development teams abide with risk-driven cyber security solutions.
• Participate in the security incident response processes.
• Drive corporate initiatives to enhance product security capabilities. This includes conformance to country and state specific cyber-regulations.
o Assess security architecture.
o Risk assessment, analysis, and recommendation.
o Auditing & Audit Automation.
o Business impact & privacy analysis.
o Security compliance, governance audits
o ICS/OT environment Compliance assessment
o Prepare security policy, framework, guidelines.
o Advisor to Senior Management on Business Continuity, Risk Management program
o Technical documentation.
o Prepare remediation plan and execution of plan.
• Communicate with management on risk management concepts, provide risk mitigation options / scenarios.
• Maintain knowledge on operational security topics and their applicability to Customer Environment.
• Together with marketing and product departments, specify and develop requirements to secure architectures and features.
• Assist lines of business with the implementation of cybersecurity features
• Reach and influence a wide range of people across larger teams and communities.
• Develop vision, principles, and strategy for security architects for one project or technology.
• Understand the impact of decisions, balancing requirements and deciding between approaches.
• Be the point of escalation for architects.
Your skillset
Knowledge and Skills
• Good understanding on IT-OT convergence, Purdue Model, IDMZ concepts, network technologies, systems, and concepts.
• Good knowledge of industrial communication protocols and technologies from main vendors.
• Hands on experience on anomaly detection tools in the ICS/OT environment.
• Good skill on correlation of data and remediation of any misconfigurations.
• Knowledge of OT asset & vulnerability management. Work with OT asset owners to remediate asset or vulnerability issues.
• hands-on experience and knowledge of ICS / SCADA System Security (design, controls)
Experience on OT monitoring technologies
• Experience in incident handling and response system SIEM & SOAR
• Hands on experience on Wireshark PCAPs, IDS, IPS
• Experience in troubleshooting industrial protocols such as OPC, Modbus TCP, HART etc
• Service Organization Control (SOC1, SOC2) Audit & Compliance
• Excellent written & verbal communication and analytical skills.
• Good documentation skills.
• Good problem-solving skills.
Experience:
• Minimum 10+ years of working experience in Cyber Security Consulting or Advisory in Risk Assessment, BCP/DR, Data Privacy.
• Minimum 10+ years of hands-on experience in OT security consulting and Advisory in Risk Assessment.
• Successfully delivered at least 2 (two) Cyber Security consulting projects as consultant in recent years (2 years).
• Good understanding on the Purdue model, PLC, SCADA, ICS, ISA/IEC 62443, COBIT and ISO 27001, NIST, PCI-DSS standards
• General understanding of Cyber security frameworks and standards such as ISO, NIST CSF, CIS, and MITRE ATT&CK, OWASP 10, SANS 25, BSSIM, SAMM.
Education & Certification:
Bachelor's degree is required.
Preferred Certification (VALID):
• CRISC
• ISA/IEC 62443
• GRID
• GICSP
• CISSP
• Cisco CCENT/CCNA
If this sounds interesting kindly share your updated cv.
Greetings from us !!
Role - OT Security Consultant
Location - Essen, Germany
Onsite/Hybrid: 3 days per week to work from office
Language: English, German is an added advantage
Your working area & responsibilities:
Key Responsibility - A Security Consultant undertakes complex work of a high-risk level, often working on several projects. In this role, you will:
• Interact with senior stakeholders across departments and act as Subject Matter Expert, serving as a consultant and advisor for cybersecurity projects and topics. Provide guidance, coaching and expertise to help the teams design and implement cybersecure.
• Monitor technology trends and the application of new technologies. Master cybersecurity standards and policies to ensure offers are compliant and to influence the direction of standards. Investigate and define next generation security for the world’s critical infrastructure.
• Create innovative concepts and perform feasibility studies (proof of concept) using preferred partner infrastructures.
• Participate with the global (to Customer) Cybersecurity Architecture Committee
• Ensure product development teams abide with risk-driven cyber security solutions.
• Participate in the security incident response processes.
• Drive corporate initiatives to enhance product security capabilities. This includes conformance to country and state specific cyber-regulations.
o Assess security architecture.
o Risk assessment, analysis, and recommendation.
o Auditing & Audit Automation.
o Business impact & privacy analysis.
o Security compliance, governance audits
o ICS/OT environment Compliance assessment
o Prepare security policy, framework, guidelines.
o Advisor to Senior Management on Business Continuity, Risk Management program
o Technical documentation.
o Prepare remediation plan and execution of plan.
• Communicate with management on risk management concepts, provide risk mitigation options / scenarios.
• Maintain knowledge on operational security topics and their applicability to Customer Environment.
• Together with marketing and product departments, specify and develop requirements to secure architectures and features.
• Assist lines of business with the implementation of cybersecurity features
• Reach and influence a wide range of people across larger teams and communities.
• Develop vision, principles, and strategy for security architects for one project or technology.
• Understand the impact of decisions, balancing requirements and deciding between approaches.
• Be the point of escalation for architects.
Your skillset
Knowledge and Skills
• Good understanding on IT-OT convergence, Purdue Model, IDMZ concepts, network technologies, systems, and concepts.
• Good knowledge of industrial communication protocols and technologies from main vendors.
• Hands on experience on anomaly detection tools in the ICS/OT environment.
• Good skill on correlation of data and remediation of any misconfigurations.
• Knowledge of OT asset & vulnerability management. Work with OT asset owners to remediate asset or vulnerability issues.
• hands-on experience and knowledge of ICS / SCADA System Security (design, controls)
Experience on OT monitoring technologies
• Experience in incident handling and response system SIEM & SOAR
• Hands on experience on Wireshark PCAPs, IDS, IPS
• Experience in troubleshooting industrial protocols such as OPC, Modbus TCP, HART etc
• Service Organization Control (SOC1, SOC2) Audit & Compliance
• Excellent written & verbal communication and analytical skills.
• Good documentation skills.
• Good problem-solving skills.
Experience:
• Minimum 10+ years of working experience in Cyber Security Consulting or Advisory in Risk Assessment, BCP/DR, Data Privacy.
• Minimum 10+ years of hands-on experience in OT security consulting and Advisory in Risk Assessment.
• Successfully delivered at least 2 (two) Cyber Security consulting projects as consultant in recent years (2 years).
• Good understanding on the Purdue model, PLC, SCADA, ICS, ISA/IEC 62443, COBIT and ISO 27001, NIST, PCI-DSS standards
• General understanding of Cyber security frameworks and standards such as ISO, NIST CSF, CIS, and MITRE ATT&CK, OWASP 10, SANS 25, BSSIM, SAMM.
Education & Certification:
Bachelor's degree is required.
Preferred Certification (VALID):
• CRISC
• ISA/IEC 62443
• GRID
• GICSP
• CISSP
• Cisco CCENT/CCNA
If this sounds interesting kindly share your updated cv.
Kontaktdaten
Als registriertes Mitglied von freelance.de können Sie sich direkt auf dieses Projekt bewerben.
Kategorien und Skills
Management, Unternehmen, Strategie:
Technik, Ingenieurwesen:
Sie suchen Freelancer?
Schreiben Sie Ihr Projekt aus und erhalten Sie noch heute passende Angebote.
Jetzt Projekt erstellen