DirectDefense is a leading cybersecurity firm committed to helping organizations defend against modern cyber threats and manage their security programs. We provide cutting-edge solutions across network security, managed detection and response, and risk management services. Our team of experts delivers high-quality, proactive solutions tailored to the unique security needs of our clients.
Job Description:
At DirectDefense, our passion is security; specifically, we strive to improve the security posture of all our clients in a way that fits their needs and business. We specialize in Operational Technology (OT) security challenges, making sure that the energy, water, goods, etc. we use in our everyday lives continue to be there for us when and where they're needed.
The OT Cybersecurity Consultant will be responsible for leading assessments of security capabilities and technologies for our clients' OT environments. They will provide input on, coordinate, and participate in testing of new security designs that will impact our clients' ICS.
Responsibilities:
- Take a leadership role in the execution of OT/IoT security projects, facilitating project meetings, gathering project requirements, managing customer expectations, etc.
- Conduct hands-on OT/IoT system network or product assessments and analyze findings.
- Develop recommendation reports documenting approaches to improve OT network or device security posture.
- Produce security policies, user requirements, system specifications, and proposed system architecture designs for OT networks/devices/systems.
- Implement updated OT security architectures for clients.
- Participate in OT technical security testing.
- Communicate security requirements and improvements to customers.
- Stay current with industry best practices and apply them in your deliverables.
- Management consulting/organizational change management for clients.
Qualifications:
- BS in a technology-related field.
- 10+ years’ experience in IT/OT security (OT/IoT experience required).
- OT-specific certifications highly desired (GICSP, GRID, ISA/IEC 62443).
- OT security testing experience is highly desired.
- Industry certifications (from ISC2, ISA, SANS, ISACA, CompTIA, etc.) a plus.
- Specific Water/Energy/Manufacturing industry experience a plus.
- Experience with industrial control systems and their differences from traditional IT environments.
- Specific OT/SCADA protocol understanding (Modbus, ICCP, 61850, DNP, MQTT).
- Understanding of related security frameworks (ISA/IEC 62443, NERC CIP, NIST CSF, ISO 27001, etc.).
- Have strong communication skills (oral and written) and the ability to effectively communicate abstract security concepts to technical and non-technical audiences.
- Interest in speaking and producing white papers is a plus.
Application Instructions: To apply, please submit your resume and cover letter through our online application portal. Applications will be reviewed on a rolling basis until the position is filled.
Salary range: $107,000 - $161,000
Bonus: Up to 10% annual bonus
Benefits include:
- 401(k)
- AD&D Insurance
- Dental Insurance
- Disability insurance
- Health insurance
- Life insurance
- Vision insurance
- Flex PTO program
- Paid certification and continuing education
Work schedule: Monday through Friday
Work hours: 40 hours a week
A little about DirectDefense
Since coming together in 2011 to form DirectDefense, our team has been committed to offering Cybersecurity defense strategies that are unmatched in the industry. Whether we are performing assessments of networks, platforms, and applications or applying managed services to improve your organization’s security posture, we are focused on providing world-class services that don’t just work–they work for you.
OUR MISSION
We establish partnerships with our clients based on trust and results. We leverage our deep industry knowledge and expertise to identify and remediate blind spots in your security program, provide meaningful visibility of your entire enterprise, and align your organization with security best practices and compliance standards.
OUR VISION
We aim to secure organizations across all industries against advanced threats and attacks in today’s world. Acting in partnership with organizations, we will provide unmatched information security services designed to improve your overall security posture, close gaps, and track vulnerabilities continuously through continued education and support.
EEO Commitment
We’re an equal employment opportunity/affirmative action employer that empowers our people to drive change fearlessly – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
As required by Colorado law under the Equal Pay for Equal Work Act, DirectDefense provides a reasonable range of compensation for roles that may be hired in Colorado. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. For the state of Colorado only, the range of starting pay for this role is $107,000 - $161,000 per year with a bonus package.
What We Do
Since 2012, DirectDefense has been offering comprehensive computer security testing services with specialization in application security, vulnerability assessments, penetration testing, and compliance assurance testing. Boasting a group of well-rounded and diverse consultants, DirectDefense has worked with a majority of the Fortune 100 companies, including power and utility, gaming, retail, financial, media, travel, aerospace, healthcare, and software development organizations.