OT Penetration Tester - Industrial Cybersecurity

OverviewFlatgigs is hiring an OT Penetration Tester for a confidential client operating within critical infrastructure and operational technology (OT) environments. This role focuses on assessing the security posture of industrial control systems (ICS), SCADA environments, and operational technology networks across sectors such as utilities, energy, and industrial infrastructure. The role requires a safety-first testing approach, ensuring all security assessments are conducted without disrupting operations or compromising critical infrastructure. The successful candidate will identify vulnerabilities, evaluate operational risks, and provide clear remediation guidance to strengthen the resilience of industrial systems.Key ResponsibilitiesOT Security Strategy & Testing Frameworks: Design and implement OT-specific penetration testing methodologies and frameworks. Develop testing procedures tailored for utility and industrial environments, including:Electric grid systemsWater and wastewater treatment facilitiesGas distribution networksRenewable energy installationsBuild capabilities for assessing industrial communication protocols and control systems. Support development of OT cybersecurity testing practices aligned with UAE cybersecurity frameworks.Penetration Testing & Security Assessments: Conduct safe and controlled penetration testing across OT environments, including:ICS / SCADA networksPLCs, RTUs, and HMIsIndustrial communication networksAssess network segmentation, firewall rules, and access controls. Identify vulnerabilities, misconfigurations, and attack vectors. Ensure all testing is non-disruptive and aligned with operational safety requirements.Industrial Protocol & Infrastructure Security: Evaluate security of OT environments using protocols such as Modbus, DNP3, IEC 61850, IEC 60870‑5‑104, OPC UA, BACnet, Profinet, EtherNet/IP. Perform testing across industrial networks, control systems, and communication infrastructure.Red Team & Adversary Simulation: Design and execute red team exercises and adversary simulations. Emulate real-world attack scenarios targeting industrial control systems. Build knowledge repositories for OT vulnerabilities, exploitation techniques, and vendor‑specific weaknesses.Security Reporting & Client Engagement: Produce high‑quality technical reports and risk assessments. Provide remediation recommendations aligned with industry standards. Present findings to technical teams, engineering teams, executive leadership, and regulatory stakeholders. Translate technical vulnerabilities into business and operational risk insights.Compliance & Regulatory Alignment: Ensure testing activities comply with relevant frameworks including IEC 62443, NIST 800‑82, and UAE national cybersecurity frameworks (NESA, DESC, TDRA).Operational Delivery: Deliver penetration testing engagements within defined scope, timelines, and SLAs. Coordinate testing windows with client engineering and operations teams. Document testing activities and evidence in accordance with audit and compliance requirements. Support remediation validation and re‑testing activities.Emerging Infrastructure Security: Conduct wireless security assessments for industrial infrastructure, including radio communications, satellite connectivity, cellular backhaul, and industrial wireless sensor networks. Assess security of cloud and hybrid OT architectures, including distributed energy management systems and industrial monitoring platforms.Required Experience8–10 years of experience in cybersecurity, penetration testing, or red teaming.Minimum 3 years working specifically in OT / ICS / SCADA environments.Experience conducting controlled testing in industries such as utilities, oil & gas, manufacturing, and critical infrastructure.Hands‑on experience testing:ICS / SCADA networksPLCs, RTUs, and HMIsIndustrial communication protocolsTechnical Skills:Strong knowledge of OT / ICS architecture and industrial networks.Industrial communication protocols.Penetration testing tools and techniques.Network and segmentation testing.Wireless security testing.Secure configuration assessments.Vulnerability assessment and reporting.Tools familiarity may include: Nmap, Metasploit, Wireshark, and IC‑specific security testing tools.Understanding of OT‑specific risks including operational downtime, safety impact, and infrastructure availability.QualificationsBachelor’s degree in Computer Science, Information Security, Electrical / Control Engineering, Cybersecurity, or related technical field.Preferred certifications: GICSP, ISA/IEC 62443 certifications, OSCP / OSCE / OSEP, GPEN / GXPN, CEH / CPT. Vendor certifications from Siemens, Schneider, ABB, Honeywell, or Emerson are considered a strong advantage.#J-18808-Ljbffr