We are looking for a Full-remote OT Security Specialist to join the team of our client – a global company in the industry sector.
What will be your main tasks and responsibilities?
* Assess, implement, and monitor cybersecurity controls specific to OT environments, aligned with standards such as ISA/IEC 62443, NIST, and ISO 27001;
* Collaborate with operations, engineering, and various key IT teams to identify risks and protect ICS/SCADA systems from cyber threats;
* Conduct threat modelling, vulnerability assessments, and risk analysis for OT assets and networks;
* Lead or assist in incident response efforts involving OT systems, including containment, remediation, and post-incident reporting;
* Manage and maintain asset inventories of OT equipment, including network diagrams and configuration documentation;
* Manage and maintain asset inventories of OT equipment, including network diagrams and configuration documentation;
* Define and enforce secure segmentation between IT and OT networks (e.g., using firewalls, data diodes, VLANs);
* Review and support secure configuration and patching strategies for OT hardware and software;
* Work with external vendors and service providers to assess third-party risks and ensure compliance with cybersecurity policies;
* Provide training and guidance to plant and operational staff on OT security best practices;
* Contribute to the development of cybersecurity policies, procedures, and governance specific to OT environments;
* Participate in audits, compliance activities, and regulatory reporting as needed.
What is required from you?
* Degree in Computer Science, or a related field;
* Deep understanding of industrial communication protocols (Modbus, DNP3, OPC, etc.);
* Familiarity with network security tools (IDS/IPS, firewalls, NAC) and industrial control system platforms;
* Experience with risk assessment and cybersecurity frameworks (NIST CSF, ISA/IEC ;
* Ability to work cross-functionally with engineers, IT staff, and plant operations teams;
* Relevant certifications such as GICSP, CISSP, CISM, ISA/IEC 62443 Certificate, or CEH;
* Experience in conducting security assessments or penetration testing in OT environments;
* Experience collaboration with Betriebsrat (German Works Council) or similar;
* Knowledge of BSI Grundschutz or TÜV/DEKRA (Germany specific) cybersecurity standards;
* Knowledge of regulatory environments (e.g., NIS2 Directive (EU), IT-Sicherheitsgesetz (German IT Security Act), ISO 27001, GDPR, etc.);
* Fluency in English (both written and spoken).
Sounds like you? Send us your CV and let's talk