Ethical Hacker – OT Security Consultant

This is a fully remote position, open to applicants in Texas.

📋 Description

• Conduct Security Architecture Evaluations

• Execute comprehensive tabletop assessments that address both technical and non-technical risks within Operational Technology (OT) environments, while avoiding any high-risk manual or automated operations

• Identify areas that may have negative consequences, are high risk, or represent single points of failure (SPOF) in legacy networks that are sensitive

• Utilize structured analysis to pinpoint where risk is concentrated and which controls are absent

• Tailor the depth and methodology of reviews to align with the specific operational realities of each client’s environment

• OT Risk Identification and Evaluation

• Detect vulnerabilities and deficiencies within Operational Technology settings, including Industrial Control Systems (ICS), SCADA, and field devices

• Evaluate legacy networks and sensitive systems where traditional testing approaches pose unacceptable operational risks

• Differentiate between theoretical risks and those relevant to operations, ensuring findings remain actionable

• Demonstrate impact when applicable, while exercising caution as dictated by the environment

• Client Advisory and Program Enhancement

• Assist OT clients in enhancing their security programs by identifying essential controls

• Collaborate to refine testing scopes as engagements evolve and client environments become more defined

• Translate technical insights into actionable guidance for both technical teams and leadership

• Foster client trust through credible communication and a keen understanding of operational contexts

• Methodology and Ongoing Improvement

• Contribute to the advancement of Packetlabs' OT testing methodologies and practices

• Remain informed about evolving OT threats, attack methods, and defensive strategies

• Share insights with the wider team to reduce blind spots and enhance collective expertise

• Help elevate the standards of OT security practices across the organization

⛳️ Requirements

• Bachelor’s degree in Information Security or Computer Science

• Professional certifications (one or more preferred): GICSP, GRID, GCIP, CSSA, CACE, CISSP, OSCP

• Over 3 years of experience assessing or working within OT, ICS, or SCADA environments

• Strong comprehension of the operational limitations that differentiate OT testing from IT testing

• Exceptional communication skills, capable of clearly conveying risk to both technical and non-technical audiences

• Proven dedication to continuous learning in this rapidly changing field

• Strong analytical and problem-solving abilities, with experience working independently in complex or highly specialized settings

🏝️ Benefits

• GRRSP with corporate matching in Canada

• Eligibility for corporate benefit plans in Canada

• A flexible working environment that empowers employees to excel

• Access to immediate and ongoing offensive security training, mentorship, and professional development to enhance your technical skills