QSS Global jobs - OT/IOT Cyber Security Engineer

Job Description - OT/IOT Cyber Security Engineer

Role:

• This Role will deliver the security design & Implementation for OT/IOT security engagement, and you will be contributing as a subject matter resource for OT Cyber security.
• The candidate is expected to possess strong knowledge and skills on Cyber security to perform threats and cyber risk analysis, propose solution to mitigate the risk based on Defense-in-Depth strategy.
• Define security architecture, technical solutions and organizational measure in order to reduce the level of cyber risk..
• Configuration of network and cyber tool.
• Implementing appropriate security controls to protect the infrastructure by develop network architecture and Network segmentation.
• OT system Vulnerability management (assessment and remediations)
• Leading cybersecurity setups and operations
• Maintaining an accurate documentation of all cybersecurity procedures
• Audit of ICS/OT environment and performing risk/vulnerability assessment.
• Conduct in-depth audit against IEC 62443/NIST
• Develop effective approach to reduce exposure to identify cyber security risk and recommendation.
• Vendor Management.
• Incident management and response planning.

Must have Qualifications:

• Bachelor’s degree in electronics , Information Technology, Computer Science or related field.
• 4-5 years of experience in IT Cyber security and 3-4 relevant exp in OT Cyber security.

• You will be having at 5-6 years of hand-on experience in assessing, designing, implementing ICS/OT network architectures, Network Segmentation , Malware Protection, Vulnerability Management, patch management, OT Asset Management, Logging and Monitoring, etc.)
• Solid knowledge of industrial networking protocol security IEC 104, Modbus , OPC, DNP etc.
• Knowledge of Cyber Security tools (such as EDR / EPP, SIEM / SOAR, Firewalls, IDS / IPS, Secure Remote Access, Switching & Routing etc.) – we are open for many technology stacks.
• Knowledge of SIEM, security event logging and monitoring technology platform such as Industrial defender, Splunk, Arcsight, Claroty, tenable etc.
• Capable of evaluating the cyber risk to SCADA, Grid, ECS system architecture.
• Solid understanding of standards such as IEC62443, NERC-CIP, NIST.
• Strong knowledge of OT governance planning, Implementation, OT assessment, Policy procedure development.
• Being in possession of any security certificate ( e.g. ISA 62443, GICSP, CISSP)
• Familiarity with the MITRE ATTCK Framework.