Penetration Tester - ICS/OT - €100k - Germany

Location: Germany - Remote (with occasional travel)
Language: English (German is a bonus)
Salary: Up to €100k

I am representing a leading cybersecurity firm, who are seeking a talented and experienced ICS/OT Penetration Tester to join their team. They are dedicated to ensuring the security and resilience of industrial control systems (ICS) and operational technology (OT) environments for their clients.

As an ICS/OT Penetration Tester, you will play a pivotal role in identifying vulnerabilities, assessing risks, and helping their clients secure critical infrastructure.

Responsibilities:

- Conduct ICS/OT Security Assessments: Perform penetration tests and security assessments on industrial control systems (ICS), operational technology (OT), supervisory control and data acquisition (SCADA) systems, and associated networks to identify vulnerabilities and weaknesses.

- Risk Assessment: Evaluate the security posture of ICS/OT environments, assess potential risks, and provide recommendations for mitigation strategies to enhance security.

- Exploit Analysis: Research and analyze emerging threats, vulnerabilities, and attack techniques targeting ICS/OT environments. Develop and test exploits to validate vulnerabilities.

- Security Testing: Plan and execute penetration tests, vulnerability assessments, and security audits on ICS/OT components, including PLCs, RTUs, HMIs, and communication protocols.

- Reporting: Generate detailed and actionable reports outlining identified vulnerabilities, risks, and recommended remediation strategies. Clearly communicate findings to technical and non-technical stakeholders.

- Collaboration: Work closely with cross-functional teams, including ICS engineers, network administrators, and cybersecurity experts, to implement security measures and remediate identified issues.

- Continuous Learning: Stay up-to-date with the latest trends and developments in ICS/OT security, threat landscape, and cybersecurity best practices.

Qualifications:

- Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree is a plus.

- Proven experience in conducting penetration tests and security assessments in ICS/OT environments.

- Strong knowledge of industrial control systems, SCADA systems, and associated protocols (e.g., Modbus, DNP3, OPC).

- Familiarity with common ICS/OT components such as PLCs, RTUs, HMIs, and their associated security challenges.

- Proficiency in using penetration testing tools and frameworks (e.g., Metasploit, Shodan, Wireshark) and experience with network analysis.

- Certifications such as Certified SCADA Security Architect (CSSA), GIAC Critical Infrastructure Protection (GCIP), or Offensive Security Certified Professional (OSCP) are highly desirable.

- Excellent communication skills, including the ability to convey technical findings to non-technical stakeholders.

- Strong analytical and problem-solving skills with attention to detail.

- Ability to work independently and collaboratively in a fast-paced environment.