Senior OT Cyber Engineer

Job Title: Senior OT Cyber Engineer

About Us

Capco, a Wipro company, is a global technology and management consulting firm. Awarded with Consultancy of the year in the  British Bank Award and has been ranked Top 100 Best Companies for Women in India 2022 by Avtar & Seramount. With our presence across 32 cities across globe, we support 100+ clients across banking, financial and Energy sectors. We are recognized for our deep transformation execution and delivery. 

WHY JOIN CAPCO?

You will work on engaging projects with the largest international and local banks, insurance companies, payment service providers and other key players in the industry. The projects that will transform the financial services industry.

MAKE AN IMPACT

Innovative thinking, delivery excellence and thought leadership to help our clients transform their business. Together with our clients and industry partners, we deliver disruptive work that is changing energy and financial services.

#BEYOURSELFATWORK

Capco has a tolerant, open culture that values diversity, inclusivity, and creativity.

CAREER ADVANCEMENT

With no forced hierarchy at Capco, everyone has the opportunity to grow as we grow, taking their career into their own hands.

DIVERSITY & INCLUSION

We believe that diversity of people and perspective gives us a competitive advantage.

Role Description:

Exp: 5 - 10yrs

Location - Bangalore

Technical Requirement:

Key Responsibilities: The OT (Operational Technology) Cybersecurity Engineering and Innovation team is responsible for the strategic and technical direction of OT/IACS (Industrial Automated Control Systems) cybersecurity . OT Cybersecurity Engineers support activities such as secure-by-design, standardized solution and network architectures, and the secure implementation of OT/IACS digital technologies across Lead OT Cyber Engineers are cybersecurity influencers functioning at the Enterprise level, reaching broadly across multiple IT Foundational Platform product lines, select Digital Platforms, and OT/IACS Business Unit. These engineers have a grasp of business breadth, along with technical depth to help stakeholders make quality cybersecurity investment decisions. This role positively impacts global cybersecurity practices, in various operating assets and environments, delivering on the cybersecurity integrated risk management strategy.

Required Skills:

•    Contribute to OT/IACS Cybersecurity initiatives, technology projects and security programs for one or more digital platform
•    Contribute to the design and review of secure IACS/OT network architectures and data flows including communication between applications, ports, protocols, and services
•    Contribute to the creation of OT/IACS cybersecurity guardrails and IT engineering standards to ensure  OT architectures, solutions and technologies across the enterprise are built using a secure-by-design methodology
•    Utilize industry standards and frameworks (e.g., NIST-800-53/82, IEC-62443, MITRE ATT&CK / D3FEND), to identify capabilities and technologies to provide enhanced cyber defenses in diverse scenarios
•    Participate in OT cybersecurity research projects. Research, test, and/or lead proof-of-concepts for new and emerging OT technologies 
•    Lead or participate in cybersecurity assessments (risk, vulnerability) for Business Unit IACS designs/installations and/or emerging technology OT solutions to determine criticality rankings and risk gaps
•    Take an active role in the internal OT Cybersecurity Guild, for knowledge transfer and mentoring, and actively participate, contribute, and present at OT/IACS Cybersecurity forums
•    Some travel (up to 20%) may be required.

Required Qualification:

1.    Preferred Required education / degrees
Bachelor’s degree or master’s degree in Information Technology, Computer Science, Engineering, or related STEM field is preferred, but not required. 

2.    Preferred qualifications / certifications 
Certifications in Industrial Control Systems Cybersecurity or in IT Cybersecurity are highly preferred (e.g., GISCP, GCIP, CISSP, or other similar certification)
•    Vendor-specific training on Operational Technology, IACS equipment manufacturers and internal network systems are highly preferred.  
•    Certifications in SAFe Scaled Agile or related scrum/agile project management framework is desirable. 

3.    Required work experience 
•    Minimum 5 years related work experience in Operational Technology/Industrial Controls Systems Cybersecurity field with increasing levels of responsibility.  
•    “Hands-On” experience with OT/IACS critical infrastructure in energy or similar industries preferred.  

Preferred Qualification:

4.    Other preferred skills / competencies 
•    Experience in utilizing frameworks and standards such as NIST-800-53/82 and IEC-62443 in an IACS environment
•    Experience with Industrial Internet of Things (IIoT), optimization, “Big data” analytics, OT integration and/or SCADA from the Cloud is preferred.
•    Experience in conducting and/or leading cybersecurity assessments (risk, vulnerability) and creating a detailed mitigation plan and recommendations to address gaps identified
•    Demonstrated OT Cybersecurity project experience including leading the development of security architectures (programs) and secure network architectures (systems).
•    Experience in performing OT/IACS vulnerability scans, passively and actively with technologies such as Tenable Nessus or NMAP scanning tools.
•    Understanding of threats, vulnerabilities, attack paths and exploits in an OT/IACS environment
•    Experience with selecting, designing, architecting, and deploying security technologies to an OT/IACS environment
•    Ability to influence and motivate teams, and work with a variety of disciplines, cultures, and environments.
•    Demonstrated ability to work effectively, and communicate effectively at all levels with operations, design, projects, vendors, peers, etc.
•    Demonstrated ability to provide leadership behaviors across enterprise through rigorous change management and compliance processes, while driving efficiencies.
•    Knowledge of techniques and tools that promote effective analysis and the ability to determine root cause and resolution of problems.
•    Communicates in a clear, concise, understandable manner both orally and in writing.