OT Security Consultant

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
An OT Security Consultant in IBM’s EMEA in essence serves as an OT technology and solution advisor with practical experience in a particular security domain such as OT Infrastructure Security OT Network Security OT IAM etc. The OT Security Consultant serves as a technology consultant that can confidently and credibly address OT Security solution components and reference architecture models. This person possesses the ability to formally present to senior technical members of a client’s team and perform as the leader in delivery workshops solution design and deployment teams. The successful candidate will act in many ways as technology consultant that can speak to the security landscape architectural models and solutions credibly and possess the ability to discuss and present technical ICS security solutions to senior members of a client team.

The OT Security Consultant is knowledgeable of leading OT Security frameworks to include IEC 62443 and NIST CSF and leading products used in OT Security solutions. He/she is also responsible for designing coordinating implementing OT/IoT security services with defined deliverables to fulfill contract commitments to the highest degree of value. This requires an innovative mindset coupled with thought leadership to drive quality of OT/IoT offerings across all IBM geographies. Strong presentation communication and influencing skills are required to collaborate with IBM clients market leaders geography leaders and security sales representatives to motivate current and emerging services. The consultant is responsible for delivering client value through quality deliverables of the OT/IoT security services portfolio. Finally the OT Security Consultant will be responsible for mentoring and training select consultants within each IBM security geography/market.

In this Role you will:

• Serve as a subject matter expert and trusted advisor on assessing designing and delivering OT/IoT client solution strategies based on knowledge of the industry OT/IoT leading practices and the client’s business.
• Provide subject matter expertise through delivery of workshops as a member of consulting engagements and as leader on solution design and deployment projects.
• Conducting ICS/OT site assessments to identify business critical systems and develop effective risk mitigation measures.
• Conduct comprehensive security program analysis and provide expert recommendations that result in the development of an OT/IoT security plan and roadmap.
• Supports global sales pursuits by establishing strong client relationships with key accounts to help progress organic growth.

Required Technical and Professional Expertise

• 7+ years of experience in developing OT/IoT cybersecurity solutions for industrial environments in a professional services firm or a security consulting role.
• Previous experience providing consulting services to Fortune / Global 1000 clients and/or domain experience within relevant medical verticals.
• Previous experience assessing against standards and frameworks including IEC-62243/ISA-99 ISA-95 NIST SP 800-82 R2 NIST CSF NERC CIP ISO 27001/27002.
• Experience working with ICS technologies and/or environments. Examples include SCADA DCS RTUs IACS PLCs HMIs Engineering Workstations Historians etc.
• Experience in design and deployment of network security solutions and controls in industrial networks including network zoning segmentation and isolation designs and implementation.

Preferred Technical and Professional Expertise

• Familiarity with ICS security solutions such as Nozomi Armis Claroty Fortinet etc.
• Experience working with protecting and administering critical industrial network infrastructures with demonstrable experience working with automation vendors such as ABB Siemens Rockwell Honeywell Foxboro Emerson Yokogawa etc.
• Experience working directly in an industrial environment is a plus.
• Self-motivated and results focused; ability to strengthen the team and its mission.
• Global Industrial Cybersecurity Professional (GICSP) Certified SCADA Security Architect (CSSA) or Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certifications a plus.