Principal Cyber Strategic Consultant

Role: Principal Consultant - OT C&I

Location: Sydney, NSW

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference, and we want you to join in our mission, as a Senior Security Consultant.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business… https://www.nccgroup.com

Summary

NCC Group specializes in offering comprehensive Cyber Assurance and engineering services aimed at assisting businesses in fortifying their cybersecurity posture. This encompasses defining security strategies, conducting risk assessments, developing policies, providing security awareness training, and offering on-demand cyber expertise.

Our core services range from strategy and governance to incident response planning and 62443 assessments. We also provide bespoke services tailored to the specific needs of organizations, including managed services, security architecture review, SOC, monitoring, DFIR, Penetration Testing, Safety reviews and cyber transformation programs.

The role within our OT division offers an exciting opportunity for individuals with prior relevant experience in the cyber and assurance field to leverage their skills in delivering high-quality solutions and fostering enduring client relationships.

Role Purpose/ Responsibilities:

As a Principal OT consultant in NCC Group's Global OT Consulting and Implementation (C&I) division, your role is pivotal in providing Cyber Security Assurance and Engineering to businesses, aiding them in safeguarding critical systems and information assets.

Your responsibilities will include building and maintaining trusted client relationships, managing teams, conducting assessments, translating technical findings into actionable roadmaps, and ensuring adherence to internal policies and procedures.

Moreover, you will play a key role in supporting sales activities and mentoring junior consultants, contributing to the overall knowledge sharing and growth within the delivery team.

You will be working with the Global OT Director to expand our global engineering capabilities.

Additionally, your responsibilities will extend to supporting the development of the C&I capability globally in some instances this could also include travel.

Required Skills:

• The ability to assess and develop cyber security engineering solutions for industrial control systems (ICS), SCADA, and other OT environments
• Provide expert consulting services in IT & OT and convergence challenges and solutions ideally with focus in the Rail sector, specifically commissioning depots or manufacturing facilities.
• Perform risk assessments and gap analyses against relevant industry standards and frameworks (NIST, IEC 62443, etc.)
• Leading workshops with suppliers and operators to facilitate 62443 Initial Risk Assessments, Detailed Risk Assessment processes and artifacts, and preparation of security cases for regulatory submission.
• Design and implement security controls specific to industrial environments
• Manage teams and projects that create and deliver technical reports and executive presentations for clients
• Understanding of emerging threats, vulnerabilities, and security solutions specific to OT environments and protocols.
• Support international teams remotely but also can travel where necessary to client sites
• Excellent communication, consulting, and presentation skills, along with exceptional written communication and reporting abilities.
• A recognised OT qualification such as GIAC GICSP, 62443 and similar
• Have delivered OT projects within a critical national infrastructure client ideally in the transport subsector.
• Ability to combine MITRE Threat Modelling, OT & Enterprise, aligned to IEC/ISA 62443.
• Experience with TS 50701 (IEC63452) standard.
• Practical experience as controls systems engineer or industrial engineering with SCADA or DCS or EMS.

Desired Skills and Qualifications:

• Certifications like CISM, CISSP, CRISC, ISO 27001 LI/LA, CISA are advantageous.
• A degree in a science related topic (some examples are Mathematics, Computer Science, Engineering, Physics or relevant significant work experience in an operational environment)
• Proficiency in managing people and building teams, demonstrating the ability to lead and develop individuals to contribute effectively to the team's objectives and overall organizational success.
• Willingness and capability to prioritize safety of people, equipment and the environment when working in hazardous or "operating environments" such as side

Behaviours:

• Focusing on Clients and Customers.
• Working as One NCC.
• Always Learning.
• Being Inclusive and Respectful.
• Delivery Brilliantly.
• Enabling Performance.

About NCC Group

The NCC Group family has over 2,000 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative, and we embrace difference. We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.