Operational Technology is all around us. All the products we buy, the food we consume, the energy we use, we all depend on it. In all these sectors, some of them are known as critical infrastructure, and critical processes are managed through operational technology (OT) and information technology (IT) systems. Digital security of these systems is of increasing importance, as more and more OT systems are connected and controlled through IT systems. Moreover, cybercrime is growing in the world of critical infrastructure, and last but not least, nation-states using cyberattacks for espionage or even to sabotage critical infrastructure.
We offer multiple services that are tailored to the industrial sector and its specific requirements. First, our advisory services, for example, gap-analysis or risk assessments based on IEC 62443, IT & OT Site assessments, Threat modeling, a NIS compliance check, and a security maturity review. All these services are designed to support our customers to identify risks and improve their security resilience, no matter their current security maturity state. We also offer offensive services in penetration tests and Red Teaming assignments, both in IT and OT environments. With these services, we help our customers to validate their current security countermeasures, test their defensive capabilities, and discover possible unknown vulnerabilities. On top of these services, we also provide specific OT security training, offer a comprehensive IT/OT security awareness & behavior program, and perform OT security research. One notable example is the recent release of OTCAD, an Operational Technology Cyber Attack Database, that consists of a mapping between known OT-related cyber-attacks and MITRE’s ATT&CK framework for ICS.
As a Senior Business Consultant IT/OT Security, you will be involved in security assessment projects for various industries. This job focuses on expanding Secura across multiple industry domains in The Netherlands and internationally. Technical security assessments have been our core business since 2000, and since 2017 we have grown internationally and in specific industries. Your role will be essential within this development.
As a Senior Business Consultant IT/OT Security, you will:
- Perform advisory services on client SCADA/ICS/OT infrastructure for small to large-sized projects. This will include security risk assessments based on IEC 62443 and QAROT, gap analysis, compliance checks, and security maturity reviews.
- Provide support in security design and security architecture of industrial networks.
- Assist customers in establishing or extending their SCADA/ICS/OT security program.
- Assist customers with secure digital transformation and Industry 4.0 initiatives.
- Interpret security vulnerabilities, risks, policies, and procedures concerning the operational business impact.
- Manage and execute assessments based on recognized frameworks or specific frameworks developed by Secura.
- Promote and use relevant services by Secura that has added value for the customer.
- Support our sales with your technical expertise.
- Coaching junior and medior consultants on knowledge development and service offering.
- Actively contribute to knowledge and service offering development.
- A completed BSc/MSc/Ph.D. degree.
- Practical security experience within industrial networks and industrial devices like PLC, DCS, Safety systems, and SCADA.
- Experience with industrial communication protocols, like Modbus, IEC104, and vendor-specific protocols.
- Experience with conducting risk analyzes and assessing risk management processes.
- Good advisory skills and can communicate technical concepts and assessment results verbally and in written reports in simple terms.
- Knowledge of IEC 62443, MITRE ATT@CK for ICS, NIST CSF, and NIST SP 800-82.
- Preferable a GISCP and/or IEC 62443 certification.
- Good communication skills (written and oral) in English and preferably Dutch.
- Interest and ability to write exciting whitepapers and publications.
- A supportive, proactive, and positive personality, and you know how to attract and engage both customers and colleagues.
- Not a 9 to 5 mentality, and traveling to customers, including accommodation, is no problem for you.
What can we offer you?
As Secura is a growing organization with big ambitions, we can offer you a chance to grow along with us, both personally and professionally. Our team exists mainly of young professionals who have a great passion for their profession and love to transfer their knowledge. The informal atmosphere allows people to be themselves and have fun at work. Overall, Secura is a great place to develop your knowledge further and expand your field of expertise.
We have a diverse client base in the industry, finance, public, critical infra, where defending the IT systems is of utmost importance. We reward good performance, and our salaries are therefore based on the knowledge, experience, and passion you bring to Secura. Secondary employment conditions are what you would expect from a progressive company. They include 28 days of holidays (based on full-time employment), the possibility to purchase additional holiday days, flexible home working hours, and a bonus scheme.
Are you the Senior Business Consultant IT/OT Security we are looking for?
We would like to receive your CV and motivation letter by mail via email@example.com. Do you have questions? Contact one of our Corporate Recruiters by telephone +31 (0)88 888 3100 or email firstname.lastname@example.org.
Pre-employment screening and assessments are part of the selection process, and annual social media screenings and checks of a criminal record will be conducted.