Logo
Futran Tech Solutions Pvt. Ltd.

OT Security

Futran Tech Solutions Pvt. Ltd., Detroit, MI, United States


Job Title : OT Security Specialist

Location : Detroit, MI(Onsite)

JD:

Job Description & Skill Requirement:

You will be part of the Cyber Défense Group responsible for Conducting ICS/OT site assessments to identify business critical systems and develop effective risk mitigation measures for L&T customers. You will be responsible for developing ICS/OT cyber security strategies and implementing transformation programs.
You will provide able assistance on cyber-related engagements across L&T business, including effective people management on client engagements and working seamlessly and collaboratively with colleagues globally.

Your responsibilities include, but are not limited to:
• Creation of client proposals, citadels, technical specifications, and Scope of Work (SOW) for client engagements.
• Assist in developing a cybersecurity framework aligning to cyber security standards like IEC 62443, NIST 800-82, ISO 27001, etc.
• Serve as a subject matter expert on OT security, providing technical guidance and support. Assist in the design and implementation of secure OT architectures, systems, and networks.
• Perform gap assessment against standard security controls and provide recommendations to address the gap, define the target state and a roadmap to achieve the target state.
• Evaluate the risk posture of OT systems and infrastructure, including identifying potential threats, vulnerabilities, and impacts. Develop risk mitigation strategies and work with customers to prioritize and address identified risks.
• Perform business profiling and threat assessment by identification of crown jewels, threat actors & threat vectors (Threat landscape).
• Document findings, recommendations, and action plans resulting from assessments, audits, and engagements. Prepare clear and concise reports for clients, including executive summaries, risk assessments, and remediation strategies.
• Work closely with client stakeholders, including IT teams, operations teams, and executives, to align OT security initiatives with business goals. Collaborate on projects, change management processes, and risk management activities.
• Create design documents like HLD, LLD, etc. for various security solutions like OT Network Monitoring, Secure Remote Access, Patch Management, OT firewall, Endpoint Security, etc.
• Assist in defining a TO-BE network architecture for various process environments to enable them with central security services or managed Security Operations Centre.
• Continuously monitor and research the latest OT security threats, vulnerabilities, and technologies. Stay abreast of industry developments and emerging solutions to provide clients with the most current and effective security strategies.

Experience, Skills and Qualifications
• A bachelor's or master's degree in a relevant field. Advanced certifications in cybersecurity and OT security, such as Certified Information Systems Security Professional (CISSP), ISO / IEC 62443 Cybersecurity Expert, or GIAC Global Industrial Cybersecurity Professional (GICSP), are highly valued.
• Significant 7-11 years of experience working specifically in the field of OT security, preferably in a consulting or advisory capacity. Hands-on experience with conducting OT security assessments, developing security strategies, implementing security controls, and assisting with incident response is highly desirable.
• A strong understanding of operational technology (OT) systems, including industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and associated protocols (e.g., Modbus, DNP3). Familiarity with OT-specific security challenges, standards, and best practices, such as IEC 62443, is essential.
• Proficiency in conducting risk assessments, vulnerability assessments, and compliance audits in OT environments. Familiarity with relevant security frameworks and standards, such as NIST Cybersecurity Framework, ISO 27001, and regulatory requirements specific to OT (e.g., NERC CIP), is beneficial.
• Strong technical skills in areas such as network architecture, network protocols, firewalls, intrusion detection/prevention systems, malware analysis, and digital forensics. Experience with security assessment tools and technologies, penetration testing, and security monitoring.
• Knowledge of implementation of different OT security threat detection solution platforms.
• Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical audiences. Strong consulting and client-facing skills, including the ability to build relationships, provide actionable recommendations, and deliver presentations to stakeholders at various levels of the organization.
• Strong analytical thinking and problem-solving skills, with the ability to identify security risks, analyse complex systems, and develop effective solutions.