Operational Technology CSIRT SME

Posted on Jan 7, 2025 by Talent Smart Limited
Slough, Berkshire, United Kingdom
IT
1 Feb 2025
£600 - £600 Daily
Contract/Project

We are seeking a highly skilled and experienced OT CSIRT Consultant to enhance a Cyber Security Incident Response Team's (CSIRT) capabilities in managing and responding to security events generated by Operational Technology (OT). The ideal candidate will have a strong background in OT security, incident management, and SOC/CSIRT environments, with hands-on experience in handling and responding to cyber security incidents. This role requires a deep understanding of OT systems, experience integrating OT security alerts into existing cyber security frameworks, and the ability to provide expert-level guidance in managing OT-related threats.

Key Responsibilities

  • Incident Response for OT Environments:

    • Lead the investigation and response to cyber security incidents affecting Operational Technology (OT) systems.
    • Analyse OT-specific security alerts, including those generated by SCADA, ICS, and other industrial systems, and determine their impact.
    • Collaborate with SOC and CSIRT teams to develop and execute response plans tailored to OT environments.
  • OT Alert Integration and Monitoring:

    • Design and implement processes for incorporating OT security events into existing SOC and CSIRT workflows.
    • Ensure OT-specific alerts are properly tuned, monitored, and triaged within SIEM and other security monitoring tools.
    • Work with SOC analysts to train and guide them on understanding and responding to OT-related threats.
  • Threat Analysis and Vulnerability Management:

    • Conduct root cause analysis of OT security incidents and recommend measures to prevent recurrence.
    • Stay updated on OT-specific threats, vulnerabilities, and attack techniques to enhance incident detection and response.
    • Work with operational teams to identify and mitigate vulnerabilities in OT environments.
  • Process Development and Documentation:

    • Develop playbooks, runbooks, and procedures for responding to OT security incidents.
    • Create comprehensive incident reports for OT-related events, detailing findings, actions taken, and recommendations for improvement.
    • Assist in aligning OT incident response processes with industry frameworks such as NIST CSF, IEC 62443, or ISO 27001.
  • Collaboration and Stakeholder Management:

    • Act as a liaison between IT, OT, and security teams to ensure seamless communication during incident response efforts.
    • Provide expert advice to operational and executive teams on OT security risks and mitigation strategies.
    • Coordinate with third-party vendors and government agencies, where necessary, during significant OT-related incidents.
  • Training and Knowledge Sharing:

    • Mentor and train SOC/CSIRT teams on OT security concepts and incident handling.
    • Conduct tabletop exercises and simulations to test and refine OT incident response capabilities.

Qualifications and Experience

  • Education:

    • Bachelor's degree in Cybersecurity, Information Technology, Engineering, or a related field.
    • Relevant certifications such as GICSP, GCIP, CISSP, or CISM preferred.
  • Experience:

    • Minimum [X years, e.g., 5+] of experience in cyber security incident management, including direct involvement in SOC/CSIRT environments.
    • Hands-on experience managing OT security incidents and integrating OT alerts into cyber security frameworks.
    • In-depth knowledge of Operational Technology systems, including SCADA, DCS, PLCs, and ICS environments.
  • Skills and Knowledge:

    • Strong understanding of OT protocols (e.g., Modbus, OPC, BACnet) and their security implications.
    • Familiarity with SIEM platforms, EDR tools, and OT security solutions such as Nozomi Networks, Claroty, or Dragos.
    • Advanced incident response skills, including malware analysis, forensics, and threat hunting.
    • Knowledge of regulatory and compliance standards relevant to OT environments, such as NERC CIP and IEC 62443.

Personal Attributes

  • Strong problem-solving skills and ability to work under pressure during critical incidents.
  • Excellent communication and interpersonal skills to collaborate with cross-functional teams.
  • Detail-oriented and analytical, with the ability to distill complex security issues into actionable recommendations.
  • Adaptable and willing to stay ahead of emerging OT threats and trends.

*OUTSIDE IR35*

Reference: 2876718261

https://jobs.careeraddict.com/post/98657266

This Job Vacancy has Expired!