You will lead and contribute to projects such as risk assessments aligned with IEC 62443, IT/OT site evaluations, threat modeling, NIS2 compliance reviews, and security maturity assessments. These services are designed to help our clients identify vulnerabilities, mitigate risks, and enhance their security resilience—regardless of their current maturity level. Additionally, you will deliver tailored OT security training, implement a comprehensive IT/OT security awareness program, and engage in cutting-edge OT security research to drive innovation and support our clients’ evolving needs.
As our OT Security Consultant you:
- Deliver expert advisory services on SCADA, ICS, and OT infrastructure for projects ranging from small to large scale. This includes conducting security risk assessments based on IEC 62443 and QAROT, gap analyses, compliance evaluations, and security maturity reviews.
- Provide strategic support in designing and architecting secure industrial networks.
- Assist clients in building or enhancing their SCADA/ICS/OT security programs to meet evolving security demands.
- Guide customers through secure digital transformation initiatives and Industry 4.0 projects.
- Analyze and interpret security vulnerabilities, risks, policies, and procedures in the context of their operational and business impacts.
- Manage and execute assessments using industry-recognized frameworks or customized methodologies developed by Lares Risk Management.
- Support business development efforts by contributing technical expertise to sales engagements.
- Mentor and coach junior and mid-level consultants, fostering their professional growth and knowledge development.
- Actively contribute to the continuous improvement of knowledge, methodologies, and service offerings within the organization.
Job requirements:
- A completed bachelor or master’s degree;
- Practical security experience within industrial networks and industrial devices like PLCs, DCS, Safety systems, and SCADA;
- Experience with industrial communication protocols, like Modbus, IEC104, and vendor-specific protocols;
- Experience with conducting risk analyses and assessing risk management processes;
- You can communicate technical concepts and assessment results verbally and in written reports in simple terms;
- Knowledge of IEC 62443, MITRE ATT&CK for ICS, NIST CSF, and NIST SP 800-82;
- Interest and ability to write exciting whitepapers and publications;
- A supportive and a proactive personality, you know how to attract and engage both customers and colleagues.
At Lares Risk Management, we pride ourselves on a diverse portfolio of clients and challenging projects across the field of operational and digital security. With a core focus on technical expertise and delivering high-quality services, we are dedicated to protecting our clients’ most critical assets.
You will be part of a team of passionate security professionals where collaboration and knowledge sharing are integral to our culture. This role offers the freedom to explore innovative developments in the market, conduct targeted research, and deliver impactful solutions with measurable outcomes.
As a growing organization driven by ambition, Lares Risk Management offers exciting opportunities for personal and professional growth. With new horizons constantly emerging, we empower our team members to shape their careers and contribute to scaling our capabilities while aiming for excellence in every endeavor.