With more than 3200 employees worldwide, 32 locations around the world and 4 business units, the Kudelski Group offers endless opportunities for people to start new journeys, grow and succeed.
SHAPE THE FUTURE WITH US!
Senior Consultant Kudelski Security (OT Security)Stimulating. Motivating. Challenging. Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their assets at a time of increasingly remote communications.
Location: Madrid, Spain
MissionThe Digital Infrastructure & Endpoint Protection practice is the home base of a growing number of advisors that can deliver OT/ICS/DCS/SCADA related engagements. The EMEA OT Consultant is a crucial member of our Kudelski Security Advisory team working closely and reporting to the Digital Infrastructure & Endpoint Protection practice lead, and ultimately reporting to Technical Practice Lead.
ResponsibilitiesYour Responsibilities will be to:
Performs cybersecurity & vulnerability criticality assessment of the OT systems & Categorize the risksBenchmarks the cybersecurity system state as per ISA/IEC 62443 / NISTIdentifies the gaps to reach desired SL level and Recommend the mitigation actions as per the assessmentUnderstands the frameworks and recommends applicable controls specific to the environment and systemsDevelops Audit reportsIdentifies the gaps and coordinate with the stakeholders for closureExperience in planning the audit and assessment activitiesPerform the hardening of the OT systems and networkLiaises with the OT asset owners for implementation activities and site planning for performing these activitiesPerforms risk assessment of the implementation activities and identify the mitigation measure for smooth implementation on site
This role involves Assisting the development of Proposals and Statement of Works (SOW) in close collaboration with the sales and pre-sales team, and other advisory team members working as one teamWorking closely with the rest of the advisory team to deliver consistent outcomes across regions acting as one teamWorking collaboratively with other BU's and divisions inside of Kudelski SecurityDevelop and maintain strong relationships with KS colleagues and the KS clients, contributing to a positive culture of change and innovationDevelop and maintain strong relationships with KS clientsRequirements / ProfileYou are Very good knowledge of security principles and firm knowledge of cybersecurity technologies, as well as industry-recognized certifications, such as - CISSP, CISM, CISA, CEH, GICSP, IEC 62443, etc.Experienced with security engineering principles, various cybersecurity assessment methodologies, security control implementation, and validation, and system life-cycle practicesAble to demonstrate you have advanced knowledge of networks and control systems utilized by critical infrastructure sectors, is preferredAble to demonstrate you understand business principles and operational security practices specific to engineering and/or security consultingProven knowledgeable with industry good practice, such as IEC 62443 (3-3, 3-2), NIST CSF, NIST 800-82r2, ONG-C2M2, NERC-CIPExperienced with physical cabling for network communications and control system input/outputKnowledgeable with - Security, Orchestration, Automation & Response (SOAR) solutions- OT asset inventory w/ change detection solutions- Vulnerability Management solutions- Identity and Access Control solutions- Zero Trust Security solutions- OT network & communications monitoring solutions+ Knowledge of the Purdue model (ISA95)Knowledgeable with - Cybersecurity controls, specifically those relating to firewalls, identity, and access control, authentication, and authorization, anti-virus/anti-malware, patch management, network, and system hardening, SIEM implementation, and/or tuning, and loggingKnowledge with legacy and modern computer networking and telecommunications
You have Minimum of bachelor's degree in a technical field3+ years of industrial cybersecurity experienceAdditional applicable years of experience may be considered in lieu of degree requirementsCybersecurity, Industrial Cybersecurity, Cyber-Physical Systems, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experienceControl systems from a wide range of vendors (PLC, DCS, SCADA)Preferable training/certifications in any of these ISA 62443, CISSP, GIAC, ICS-CERT, or SANSStrong written and oral communication skillsStrong analytical and critical thinking skillsAbility to operate under pressure and under tight deadlines, to operate onsite within industrial, corporate, and government work settingsAbility to present complex technical issues and their impact in an easy-to-understand mannerMust have Effective Written/Verbal Communication Skills in English and other European languageReference: 14305
Publication Date: 02-02-2024
If you love the challenge as much as the rewards and are ready to take your career to the next level, apply today.
#J-18808-Ljbffr
