We are looking for a Full-remote OT Security Specialist to join the team of our client - a global company in the industry sector.
What will be your main tasks and responsibilities?
Assess, implement, and monitor cybersecurity controls specific to OT environments, aligned with standards such as ISA/IEC *****, NIST, and ISO *****;
Collaborate with operations, engineering, and various key IT teams to identify risks and protect ICS/SCADA systems from cyber threats;
Conduct threat modelling, vulnerability assessments, and risk analysis for OT assets and networks;
Lead or assist in incident response efforts involving OT systems, including containment, remediation, and post-incident reporting;
Manage and maintain asset inventories of OT equipment, including network diagrams and configuration documentation;
Manage and maintain asset inventories of OT equipment, including network diagrams and configuration documentation;
Define and enforce secure segmentation between IT and OT networks (e.g., using firewalls, data diodes, VLANs);
Review and support secure configuration and patching strategies for OT hardware and software;
Work with external vendors and service providers to assess third-party risks and ensure compliance with cybersecurity policies;
Provide training and guidance to plant and operational staff on OT security best practices;
Contribute to the development of cybersecurity policies, procedures, and governance specific to OT environments;
Participate in audits, compliance activities, and regulatory reporting as needed.
What is required from you?
Degree in Computer Science, or a related field;
Deep understanding of industrial communication protocols (Modbus, DNP3, OPC, etc.);
Familiarity with network security tools (IDS/IPS, firewalls, NAC) and industrial control system platforms;
Experience with risk assessment and cybersecurity frameworks (NIST CSF, ISA/IEC *****).;
Ability to work cross-functionally with engineers, IT staff, and plant operations teams;
Relevant certifications such as GICSP, CISSP, CISM, ISA/IEC ***** Certificate, or CEH;
Experience in conducting security assessments or penetration testing in OT environments;
Experience collaboration with Betriebsrat (German Works Council) or similar;
Knowledge of BSI Grundschutz or TÜV/DEKRA (Germany specific) cybersecurity standards;
Knowledge of regulatory environments (e.g., NIS2 Directive (EU), IT-Sicherheitsgesetz (German IT Security Act), ISO *****, GDPR, etc.);
Fluency in English (both written and spoken).
Sounds like you? Send us your CV and let's talk!
#LI-LC1
Poderá encontrar o anúncio original publicado em: