Operational Technology Security Consultant

4 days, 2 hours ago
Full-time
Mid Level
Cybersecurity
Coalfire

Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Assess the security posture and maturity of client OT environments across manufacturing, energy, utilities, and other critical infrastructure sectors.
  • Conduct stakeholder interviews and review OT policies, procedures, architecture documentation, and compliance records.
  • Evaluate client environments against OT security practices and frameworks such as IEC 62443, NIST SP 800-82, NIST CSF, NERC CIP, NIS2, EU Cyber Resilience Act, and C2M2.
  • Develop maturity assessment, benchmarking, and gap analysis reports with prioritized remediation recommendations.
  • Create sequenced remediation roadmaps with timelines and implementation guidance for identified OT security gaps.
  • Advise clients on OT security program structure, governance, roles and responsibilities, and related policies and procedures.
  • Present assessment findings, risk analysis, and strategic recommendations to clients and leadership through executive briefings and detailed reports.
  • Support OT risk and security discussions with technical teams, operations staff, and executive stakeholders.
  • Work with Project Managers, Directors, and Delivery teams to manage project scope and timelines.
  • Support other Cyber Risk Advisory consulting engagements as needed to maintain team capacity.

Requirements

  • At least 4 years of experience in operational technology security, OT risk assessment, or related infrastructure security roles.
  • Bachelor's degree in Engineering, Computer Science, Information Systems, or a related field, or an equivalent combination of education and experience.
  • Direct experience in OT environments such as manufacturing, energy, utilities, or other critical infrastructure sectors.
  • Hands-on experience with Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems.
  • Knowledge of control system technologies, industrial automation architectures, and OT-specific networking environments.
  • Expertise in OT security assessment frameworks including IEC 62443, NIST SP 800-82, and industry-specific requirements such as NERC CIP.
  • Understanding of emerging OT regulatory requirements including the NIS2 Directive and EU Cyber Resilience Act.
  • Strong analytical and critical thinking abilities.
  • Strong oral and written communication skills for presenting technical findings to both technical and non-technical audiences.
  • Preferred: GICSP, CISM, CISSP, GRID, or GCIH certification.
  • Preferred: C2M2 assessment experience.
  • Preferred: NIST CSF assessment and implementation experience.
  • Preferred: Incident response experience in OT or critical infrastructure environments.
  • Preferred: Business continuity or disaster recovery experience in OT environments.
  • Preferred: Experience with safety-critical systems and functional safety standards such as IEC 61508 and ISO 10218.
  • Preferred: Technical writing experience for policy and procedure development.
  • Preferred: Cloud platform experience relevant to OT environments or industrial IoT implementations.

Benefits

  • Flexible work model with the option to work from home or an office.
  • Competitive perks and benefits.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.
  • Opportunities to join employee resource groups and participate in in-person and virtual events.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Professional Services Engineer - DOW Skillbridge Approved

Corelight 251-1K IT Services

Corelight is hiring a Professional Services team member to help customers deploy and use its cybersecurity products while improving network security and supporting incident investigations and integrations.

Bash Cybersecurity Elasticsearch Kafka Linux Logstash macOS Perl PowerShell Python SIEM Splunk TCP/IP Unix
1 hour, 40 minutes ago

Penetration Tester

Accenture 100K+ Professional Services

Accenture Federal Services is seeking a Penetration Tester to lead and execute a unified penetration-testing program across network, application, and cloud environments for federal clients.

Burp Suite DevSecOps Metasploit Penetration Testing SOC
1 hour, 55 minutes ago

SailPoint Consultant

Lever 251-1K Professional Services

Spry Methods is hiring a SailPoint Consultant to support identity and access management work for clients through implementation, customization, and ongoing operations of SailPoint IdentityIQ or IdentityNow.

Cybersecurity Java JavaScript Linux SQL Unix
2 hours, 10 minutes ago

Principal AI Security Specialist

Zscaler 1K-5K Internet Software & Services

Zscaler is hiring a Principal AI Security Specialist to lead enterprise AI security conversations and help customers securely adopt GenAI across complex technical and sales engagements.

Cybersecurity Generative AI LLM
2 days, 1 hour ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers