INDUSTRIAL & OT CYBER SECURITY PENETRATION TESTER - BANGALORE Information Technology
Key Responsibilities Include:
- Perform security assessments for clients through attack and penetration (primarily network penetration testing, web application vulnerability assessment and source code security and network device configuration review)
- Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments
- Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems.
- Perform research on latest threats and vulnerabilities as part of continuous development.
- Consistently deliver quality client services and manage expectations of client service delivery.
- Drive high-quality work products within expected timeframes and on budget.
- Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
- Stay abreast of current business and industry trends relevant to the client's business.
- Develop and maintain long-term relationships and networks with clients and internal company’s stakeholders
- Demonstrate deep technical capabilities and professional knowledge.
- Possess in depth business acumen and demonstrate ability to quickly assimilate to new knowledge.
- Perform penetration testing on SCADA/ICS/IOT systems
- Review and assess security controls associated with SCADA, ICS and IOT systems
- Advice clients on cyber security guidelines and best practices
- Remain current on new developments in advisory services capabilities and industry knowledge.
Qualification and Experience:
- A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.
- Have at least two year of relevant working experience with implementation or deployment ICS/SCADA/IOT systems
- Atleast 8 years experience in conducting penetration testing, vulnerability assessment and technical risk assessment out of which atleast 4 years experience in conducting penetration testing for ICS/SCADA/IOT systems
- Strong interest in the field of cyber security in industrial control systems and internet of things.
- Creative, independent with good problem solving skills
- Strong analytical, interpersonal, communication and writing skills; should be able to develop risk based technical reports for tests performed and should be able to communicate to technical and business executives acoss organization.
- Willingness to travel on overseas assignment as the need arises
- Professional certifications such as Offensive Security Certified Professional (OSCP), Global Industrial Cyber Security Professional (GICSP), GIAC Penetration Tester (GPEN), Certified Information Systems Auditor (CISA) and / or Certified Information Systems Security Professional (CISSP)
- Working knowledge and familiarity with relevant operating platforms, programs, software/hardware – GE, Allen-Bradley, Siemens, Schneider PLCs, and SCADA.
- Understanding of relevant regulatory requirements and industry standards including NIST, IEC 62443, and industry best practices and vendor recommendations relevant to Industrial Control Systems and Operational Technology Systems.
- Ability to exercise effective independent judgement, to prioritise and deliver business results in a fast moving, high pressure and demanding environment with competing priorities.
- Ability to communicate clearly, convincingly, and with authority across diverse cultures at all levels in the organisation.