Back to Job Search

OT Security Advisor

  • Location: Oakville

Posted about 1 month ago

  • Sector: Executive and Management
  • Working: Remote
  • Start Date: 2023-01-30
  • End Date: 2023-01-26
  • Job Type: Permanent
  • Job Ref: 15785

Job Title: Operational Technology Security Advisor
Type: Permanent
Location: Remote
Start Date: January 2023
Days/Hours: 9:00am-5:00pm, Mon-Fri 

About our client:
 
Our client is a privately held SecOps-As-A-Service company founded in 2008. They deliver 24.7.365 security operations backed by their modernized SOC 2 Type 2 and ISO27001 certified Cyber Command Center. Company is focused solely on the Microsoft security product stack and holds the Microsoft Security Advanced Specialization. They are an outcome-driven SecOps-As-A-Service company that leverages an innovative and collaborative approach providing customers an easy way to consume services and increase maturity.  
 
Job Brief 
 
As an OT Security Advisor, you will be responsible for providing exceptional service to customers subscribed to Difenda C3 services. Working in close partnership with C3 leadership, you will support the OT Security team, ensuring that customer Managed Detection and Response for Operational Technology (MDR for OT) services are developed and delivered to the highest of standards. You will support the ongoing design, development, and service enhancements of MDR for OT services. You will also support the execution of customer OT environment threat event lifecycle management, Threat Hunting, and Threat Intelligence activities. You will provide escalated level support to the SecOps Analyst team and act as an escalation point for both the internal team and customers. You will lead high severity security incident investigations and provide remote response support to customers. You will support customer communications, including recurring and ad hoc customer calls, operational reviews, and quarterly executive debriefs. Hours of work are Monday to Friday – 7.5 hours daily or as required.  After-hour on-call / escalation duties will be required.
  
Job Responsibilities: 

  • Support the development and delivery industry leading OT security services designed to continuously enhance Difenda’s managed service portfolio

  • Support the delivery of MDR for OT service processes, including risk assessments, threat event lifecycle management, Threat Hunting, and Threat Intelligence activities

  • Execute customer engagements to oversee design and deployment of business-driven OT security technology roadmaps

  • Execute MDR for OT service activities, including but not limited to asset discovery support, vulnerability management reviews and support, escalated event and incident investigations, custom protocol development, and detection development

  • Actively develop and execute MDR for OT playbooks, including environment reviews, Threat Hunting, attack simulations, tabletops, and other proactive activities in customer environments

  • Collaborate with teammates for customer Incident Response engagements within industrial environments

  • Support the implementation and maintenance of Threat Intelligence practices, including IOC integration into MDR for OT services and providing customer specific tactical and C-Level threat intelligence briefs

  • Develop, execute, and train staff on MDR for OT service delivery activities

  • Enforce standards and processes to ensure high quality MDR for OT service delivery (e.g. case management standards)

  • Work closely with the Cyber Research & Response and DevSecOps teams to iteratively enhance MDR for OT and other managed security services

  • Support customer service communications, including operational and executive level meetings and reporting

 
Required Skills: 
 

  • Minimum of 3 years of experience in industrial environments (ICS, SCADA / PLC / HMI, DCS, etc.) required

  • Minimum of 3 years of experience in cybersecurity operations (SOC, incident response, forensics, etc.) required, including intrusion analysis, incident response, host forensics (memory and disk), network protocol analysis

  • Ability to lead an investigation from start to finish including pivoting between data types and correlating events together

  • Ability to proactively hunt and identify malicious activity

  • Experience with IT technologies including Windows and Linux, and various security solutions

  • Knowledge of handling communications during incidents, especially regarding customer and stakeholder briefings

  • Strong background in customer service and communications required

  • Strong presentation development and delivery skills required

  • Familiarity with Agile methodologies such as Lean, Scrum and Kanban preferred

  • Strong ability to communicate and document clearly and effectively

  • Ability to follow processes and guidelines

  • Ability to work with all levels of staff

  • Ability to take personal initiative and observe confidentiality

  • Ability to work with internal and external vendors in a professional manner

  • Ability to multi-task in a fast-paced environment