Cyber Security OT Assurance Senior Analyst - Operation Technology

Job PurposePerform and conduct Operation Technology (OT) assurance activities towards protecting the organization information assets and critical infrastructure. conduct technical OT cyber security assessments in addition to providing technical assurance capabilities that verify effectiveness of security controls and projects.Principal AccountabilitiesOperationalConduct OT cyber security analysis of the technology environment to identify gaps and recommend solutions for improvement.Conduct OT architecture assessments from technical security point of viewconduct evaluation and assessment of available OT tools and countermeasures to remedy the detected vulnerabilities and recommend best solutions and practices.Conduct reviews and Validations of OT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicablePreform cyber security review for systems development or acquisition projects related to OT environmentsValidate and verify OT systems security requirements definitions and analysis and established system security designsConduct periodic cyber security assessments of existing OT controls and the technology landscape within the Organization (vulnerability scanning, penetration testing and Red Teaming exercises).Conduct configuration review of OT cyber security equipment.Assess and validate security configurations and access to security infrastructure tools, including firewalls, IPSs, Passive monitoring solutions and anti-malware/endpoint protection systemsConduct secure security code review and dynamic security testing for applications related to OT environment.Conduct OT cyber threat modelling of services and applications that tie to the risk and data classification associated with the service or applicationEducationDegree: Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.MBA or Master’s degree in computer science, engineering, information security is preferable.Required professional certifications: Professional certificate such as CISSP, CISM, OSCP, CEH, CISA, GSEC.Experience 6+ years of Information Technology experience.3+ years of relevant working experience.Working experience in multiple industries (e.g. Oil & Gas, Energy, Utilities, Retail, Government…) is preferable.Candidate must have minimum 5 years of experience as a Penetration TesterWorking experience in cyber security assurance.Working experience in cyber security assessments.Working experience in cyber security architecture review.