ot/it Security analyst
OT/IT Security Analyst
By 2035, it is estimated that a colossal 1 trillion connected devices will be live across the globe. This introduces a new, complex web of security threats to people, lives, and connected cities.
At ANGOKA, we are focused on the security of critical machine-to-machine (M2M) communications particularly across Smart Cities and Smart Mobility. Our ground-breaking, quantum-safe solutions offer device identity protection, communication integrity and data provenance by creating trusted connections, even over untrustworthy networks.
Why join our talented team:
As we continue to create breakthroughs at the forefront of technology, we are looking for a Cyber Security Analyst specialised in OT/IT red team assessments. You will help us develop the reliability and security of our ground-breaking hardware and software authentication and encryption product. Reporting to the CTO and Engineering Lead, you will advance our knowledge and expertise in cyber risk assessments and mitigation control, incident response and secure architectures.
As a fast-scaling start up, this role offers the opportunity for significant learning and professional development in a fast-paced industry, and you will work closely with the senior management team and key stakeholders within the company.
What you will do:
- Develop IT/OT cyber security assessment approaches to ensure pro-active identification of threats and attack vectors in line with NIST 800-53
- Prepare, review and assess the low-level and high-level design for IT/OT environments in line with industry best practice and international standards/guidelines, such as ISA 99/IEC 62443, NISTIR 8183, NISTIR 8259, Enisa Good Practices for Security of IoT, PAS 1885:2018, and ISO21434
- Review and assess the architecture and design of our IT/OT communication authentication and encryption solutions
- Identify and highlight areas of concerns in the design, and suggest risk mitigation controls and recommendations to the engineering and development team
- Maintain familiarity with relevant legislation and regulation to IT/OT cyber security, digital forensics and incident response
- Review security tools, processes and procedures to assist in testing the robustness of current and developing systems
- Identify and develop research into future attack vectors for IT/OT systems
- Provide technical assistance and advice to the engineering team and the sales team where necessary
- Deliver high-quality technical analysis, reports, and presentations to senior management
What we are looking for:
- 4-6 years’ experience working in a security role, focused on assessing cyber security risks for IT/OT systems and recommending viable security controls to mitigate against the risks
- Proven working experience in conducting cyber security assessments and implementing risk mitigation controls for IT/OT systems
- Demonstrable knowledge of OT/IT security best practices applied in red team assessments and exercises
- Good knowledge and understanding of threat hunting strategies for IT/OT environments
- Good knowledge and experience of IT/OT cyber incident response, cyber kill-chain, and the Mitre ATT&CK framework
- Proven ability of designing, implementing and reviewing IT/OT security assessments and incident response plan
- Good understanding of protocols common within IT/OT (e.g., MODBUS, DNP3, S7, OPC. HTTP, SMB, DNS etc.)
- Good understanding of technical design considerations with emphasis on operational safety
- Good experience in engineering security solutions for real-time and/or performance-sensitive systems is a bonus
- Qualified to degree level in cyber security, industrial systems, computer science, or a related field
- Certifications such as Security+, Network+, SSCP, CCNA, GSEC, OSCP are desirable
- Proven ability to rapidly interpret technical and business requirements and understand complex trade-offs in drawing conclusions and recommendations
- Proven ability to engage and work with other technical experts and incorporate their input and feedback
- Proven ability to communicate complex topics clearly and concisely
- Excellent verbal and written technical English communications skills
ANGOKA is an Equal Opportunity Employer. We welcome and encourage applicants from all backgrounds and experiences. We do not tolerate discrimination or harassment. At ANGOKA, all our hiring decisions are based on business needs, job requirements and individual qualifications, and we are committed to creating an inclusive culture that supports and represents our diverse society.