Industrial OT Security Specialist – Operational Technology

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Serve as the technical Cyber Security expert for OT/ICS environments, providing support for high-criticality industrial operations across various companies within the Cosan Group;

• Spearhead initiatives to enhance OT security monitoring, including the integration of new plants, industrial networks, critical assets, and operational technologies into the monitoring framework;

• Create and refine detection use cases tailored for industrial settings, utilizing OT monitoring platforms, SIEM, EDR, and specialized threat detection solutions;

• Conduct analyses of industrial network architecture, assessing segmentation, zones and conduits, communication flows, and compliance with security best practices for ICS environments;

• Engage in defining and reviewing secure architectures for new industrial projects, operational expansions, and OT digital transformation efforts;

• Assist in the identification, analysis, and assessment of cyber threats, vulnerabilities, and exposures in industrial settings, recommending prioritized mitigation strategies based on risk;

• Collaborate with Engineering, Automation, Network, and Operations teams to implement security measures for OT environments;

• Provide technical assistance during the cyber incident response process involving industrial systems, contributing to root cause analysis, containment, and corrective measures;

• Carry out technical evaluations of maturity, hardening, industrial network segmentation, and compliance with industry frameworks and standards;

• Oversee vendors and partners specializing in OT security, ensuring technical excellence, governance, and continuous improvement of contracted services;

• Prepare executive reports and presentations for various organizational levels, effectively communicating risks, metrics, progress, and investment requirements;

• Aid in defining the Group's OT Cyber Security strategy, contributing to the enhancement of industrial security maturity.

⛳️ Requirements

• Bachelor's degree in Technology, Information Security, or related disciplines;

• Practical experience in industrial OT environments, including on-site assessments of systems and infrastructure, with the capability to suggest enhancements;

• Knowledge of security for automation networks (ICS/SCADA) and familiarity with industry standards (NIST, ISA/IEC 62443, ISO);

• A risk-oriented approach with the ability to identify actions and establish priorities;

• Experience in vulnerability remediation and management;

• Proficiency in managing contracts and third-party OT vendors;

• Familiarity with EDR management;

• Experience in managing Threat Detection Devices (TDDs);

• Basic understanding of IPS and Firewall functionalities;

• Knowledge of IT Governance and Risk Management, metrics, and maturity assessment models;

• Ability to work collaboratively with diverse technical and multidisciplinary teams;

• Expertise to engage in discussions on optimal architectures;

• Current knowledge and interest in industry best practices regarding the subject;

• Strong analytical mindset and problem-solving abilities;

• Excellent communication skills and adaptability;

• Basic familiarity with SIEM.

🏝️ Benefits

• All our vacancies are open to individuals of any sexual orientation, gender identity, race, ethnicity, and age, with or without disabilities.