Position : Lead Engineer

Location : Bengaluru

Reporting to : Architect/Senior Lead

Job Summary :

The Factory (ICS/ OT) Security Lead Engineer will be responsible for the Security Risk assessment and implementation of Factory Security Program and Practices for Customers. This position requires a strong understanding of both IT and OT systems, as well as expertise in cybersecurity practices specific to Factory Systems.

Job Description :

- Conducting on-site and remote Security Risk assessment of factories.

- Design, configure, assess, deploy, and integrate Factory Security solutions.

- Deploying Factory security initiatives and maintaining the delivery of aligned cyber security as per targets.

- Understanding of the customers connectivity at shop floor systems and machines. Such as PLC's, HMI, Computer Systems.

- Developing and implementing comprehensive security strategies and solutions specifically tailored for Factory systems, networks, and associated components.

- Ability to conduct assessments and audits as well as hands on setting up systems as part of an implementation.

- Staying current with NIST OT/IIoT/IoT and other Factory security focused publications.

- Working knowledge of security risk and control frameworks such as NIST CSF

- Analyzing and resolving cyber risks in the Factory environment. This involves monitoring and analyzing security logs and alerts from Factory systems to identify and respond to security incidents.

- Provide consultancy advice to client in closing technology control gaps/vulnerabilities in a practical way.

- Be able to liaise and work closely with clients across multiple customers and handle stakeholder expectations.

- Define security architecture, technical solutions, and organizational measures to reduce the level of cyber risk.

Profile Description :

- Strong understanding and application knowledge of IEC 62443 and NIST 800-82 frameworks for OT Security assessment and Risk scoring.

- Strong understanding of industrial control systems (ICS) and Operational technology (OT) environments, including knowledge of various protocols, architectures, and components used in critical infrastructure sectors.

- Strong risk and change awareness, not only from a security perspective but just as well from a plant production perspective.

- Hands-on experience in OT Security risk assessments, designing, implementing Factory (ICS/OT) network architectures, Network Segmentation, Malware Protection, Vulnerability Management, patch management, Factory Asset Management, Logging and Monitoring, etc.).

- Must be proficient with design and deployment of Security monitoring architecture for ICS networks and related products like Armis, Nozomi, Claroty, Dragos, Tenable etc.

- Strong knowledge of ISA Purdue Model, ISA 62443 Standard Family/NIST 800:82/SANS 20 controls framework/additional guidelines or frameworks related to Factory Security.

- Solid knowledge of industrial networking protocol security IEC 104, Modbus, OPC, Profibus, Vendor Specific Protocols etc.

- Knowledge of Cyber Security tools (such as EDR / EPP, SIEM / SOAR, Firewalls, IDS / IPS, Secure Remote Access, Switching & Routing etc.).

- Being in possession of any security certificate (e.g ISA 62443, GICSP, CISSP)

- Familiarity with the MITRE ICS ATT&CK Framework.

- Additionally, adapt project management abilities and task prioritization to ensure successful project outcomes within defined timelines.