Principal Consultant - OT Security

Job Title: Principal Consultant - OT Security

Location: UAE, India

Experience: 10-15+ Years

Role Overview

We are seeking an experienced Senior Consultant - OT Security to lead and deliver cybersecurity initiatives across Industrial Control Systems (ICS), SCADA, and Operational Technology (OT) environments. The role involves advisory, design, implementation, and lifecycle support of OT security solutions aligned with global standards such as IEC 62443, OTCC, NIST SP 800-82, and MITRE ATT&CK for ICs.

You will work closely with clients, EPC teams, vendors, and internal stakeholders to secure critical infrastructure and enable safe digital transformation.

Key Responsibilities

• Risk, Compliance & Advisory
  • Perform OT security risk assessments, gap analysis, and compliance reviews based on IEC 62443, OTCC and other standards
  • Conduct security maturity assessments and recommend improvement roadmaps
  • Provide advisory services for SCADA/ICS/OT environments across small to large scale projects
  • Assist clients in establishing or enhancing Cybersecurity Management Systems (CSMS)
• Security Architecture & Design
  • Design and implement secure OT network architectures based on Purdue Model and segmentation strategies
  • Develop High Level Designs (HLDs), Low Level Designs (LLDs), and Bill of Materials (BoM)
  • Review engineering documents, system architectures, and network diagrams from a security perspective
  • Define and maintain security baseline configurations aligned with organizational policies
  • Lead deployment of OT cybersecurity solutions including:
    • Firewalls (IT/OT & industrial)
    • IDS/IPS
    • Secure remote access solutions
    • Endpoint Protection Platforms (EPP)
    • Privileged Access Management (PAM)
    • SIEM integrations
  • Implement and validate solutions in EPC project environments
  • Support full project lifecycle: engineering, procurement, FAT, SAT, commissioning, and handover
  • Support continuous threat detection and monitoring for OT assets
  • Assist in incident response, investigation, and mitigation activities
  • Integrate OT environments with centralized monitoring and SIEM platforms
  • Support RFP/RFI/RFQ responses, technical proposals, and solution positioning
  • Lead technical discussions with clients and stakeholders
  • Provide expertise during solution demonstrations and workshops
  • Develop and implement OT security policies, standards, and procedures
  • Ensure alignment with regulatory frameworks and industry best practices
  • Support clients in secure digital transformation and Industry 4.0 initiatives

Required Skills & Expertise

Technical Expertise

• Strong knowledge of:
  • OT standards: IEC 62443, NIST CSF, OTCC, NIST SP 800-82, MITRE ATT&CK for ICs
  • OT architectures: Purdue Model, segmentation, DMZ design
  • Industrial protocols: Modbus, DNP3, IEC 61850, OPC-UA, Profinet
• Hands on experience or strong technical knowledge with:
  • Firewalls (NGFW & industrial)
  • SIEM platforms (e.g., Splunk)
  • IDS/IPS and OT monitoring solutions
  • Backup & recovery (Veritas, Acronis)
  • Domain controllers for DCS environments
  • AV/WSUS/AWL solutions
• Industrial networking components: switches, routers, FO infrastructure, NTP
• Operating systems patching and firmware management
• Network Management Systems (NMS)
• Secure remote connectivity solutions

Platform Experience

• Familiarity with major OT OEMs such as:
  • ABB, Siemens, Schneider, Honeywell, Emerson, Yokogawa
  • Rockwell/Allen Bradley, GE, Aspentech
  • OT security solutions (e.g., OWL, industrial firewalls)

Project & Operational Experience

• 5-7+ years of experience in deploying solutions in live OT/IT environments
• Strong experience in:
  • FAT, SAT, commissioning, and acceptance processes
  • Working in critical infrastructure environments
  • Multi vendor and EPC project coordination

Preferred Certifications

• IEC 62443 Expert or similar certifications like ISA/IEC 62443 Risk Assessment Specialist
• CISSP / CISM/ CEH
• Global Industrial Cyber Security Professional (GICSP)