Senior Consultant Kudelski Security - Madrid, España - Kudelski SA

Descripción

With more than 3200 employees worldwide, 32 locations around the world and 4 business units, the Kudelski Group offers endless opportunities for people to start new journeys, grow and succeed.

Senior Consultant Kudelski Security (OT Security)

Stimulating. Motivating. Challenging.

Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their assets at a time of increasingly remote communications.

Location: Madrid, Spain

Mission

The Digital Infrastructure & Endpoint Protection practice is the home base of a growing number of advisors that can deliver OT/ICS/DCS/SCADA related engagements. The EMEA OT Consultant is a crucial member of our Kudelski Security Advisory team working closely and reporting to the Digital Infrastructure & Endpoint Protection practice lead, and ultimately reporting to Technical Practice Lead.

Responsibilities

Your Responsibilities will be to:

• Performs cybersecurity & vulnerability criticality assessment of the OT systems & Categorize the risks
• Benchmarks the cybersecurity system state as per ISA/IEC 62443 / NIST
• Identifies the gaps to reach desired SL level and Recommend the mitigation actions as per the assessment
• Understands the frameworks and recommends applicable controls specific to the environment and systems
• Develops Audit reports
• Identifies the gaps and coordinate with the stakeholders for closure
• Experience in planning the audit and assessment activities
• Perform the hardening of the OT systems and network
• Liaises with the OT asset owners for implementation activities and site planning for performing these activities
• Performs risk assessment of the implementation activities and identify the mitigation measure for smooth implementation on site

This role involves

• Assisting the development of Proposals and Statement of Works (SOW) in close collaboration with the sales and pre-sales team, and other advisory team members working as one team
• Working closely with the rest of the advisory team to deliver consistent outcomes across regions acting as one team
• Working collaboratively with other BU's and divisions inside of Kudelski Security
• Develop and maintain strong relationships with KS colleagues and the KS clients, contributing to a positive culture of change and innovation
• Develop and maintain strong relationships with KS clients

Requirements / Profile

You are

• Very good knowledge of security principles and firm knowledge of cybersecurity technologies, as well as industry-recognized certifications, such as - CISSP, CISM, CISA, CEH, GICSP, IEC 62443, etc.
• Experienced with security engineering principles, various cybersecurity assessment methodologies, security control implementation, and validation, and system life-cycle practices
• Able to demonstrate you have advanced knowledge of networks and control systems utilized by critical infrastructure sectors, is preferred
• Able to demonstrate you understand business principles and operational security practices specific to engineering and/or security consulting
• Proven knowledgeable with industry good practice, such as IEC , 3-2), NIST CSF, NIST 800-82r2, ONG-C2M2, NERC-CIP
• Experienced with physical cabling for network communications and control system input/output
• Knowledgeable with - Security, Orchestration, Automation & Response (SOAR) solutions- OT asset inventory w/ change detection solutions- Vulnerability Management solutions- Identity and Access Control solutions- Zero Trust Security solutions- OT network & communications monitoring solutions+ Knowledge of the Purdue model (ISA95)
• Knowledgeable with - Cybersecurity controls, specifically those relating to firewalls, identity, and access control, authentication, and authorization, anti-virus/anti-malware, patch management, network, and system hardening, SIEM implementation, and/or tuning, and logging
• Knowledge with legacy and modern computer networking and telecommunications

You have

• Minimum of bachelor's degree in a technical field
• 3+ years of industrial cybersecurity experience
• Additional applicable years of experience may be considered in lieu of degree requirements
• Cybersecurity, Industrial Cybersecurity, Cyber-Physical Systems, Computer Science or Information Systems, Computer Engineering, Electrical Engineering, or another related technical field with appropriate experience
• Control systems from a wide range of vendors (PLC, DCS, SCADA)
• Preferable training/certifications in any of these ISA 62443, CISSP, GIAC, ICS-CERT, or SANS
• Strong written and oral communication skills
• Strong analytical and critical thinking skills
• Ability to operate under pressure and under tight deadlines, to operate onsite within industrial, corporate, and government work settings
• Ability to present complex technical issues and their impact in an easy-to-understand manner
• Must have Effective Written/Verbal Communication Skills in English and other European language

Reference: 14305
Publication Date:

If you love the challenge as much as the rewards and are ready to take your career to the next level, apply today.