Job Description

8-12 years of experience in IT and OT cybersecurity, infrastructure security, or risk management. Proven experience conducting VAPT, security assessments, and compliance audits across hybrid environments. Strong knowledge of IT-OT convergence, industrial network protocols, and control system security. Familiarity with security frameworks and standards (ISO 27001, NIST CSF, CIS Controls, IEC 62443, etc.).

Key Responsibilities:

Assess and document the current IT and OT security posture, including network, server, endpoint, and control systems. Identify any historical or ongoing security breaches, review their closure status, and define corrective and preventive actions for unresolved issues. Plan and execute Vulnerability Assessment and Penetration Testing (VAPT) for all critical IT systems, applications, and infrastructure components. Conduct security compliance audits to verify alignment with organizational, regulatory, and industry standards (e.g., ISO 27001, NIST, IEC 62443). Evaluate and strengthen IT-OT integration security controls, ensuring proper segmentation, authentication, and monitoring mechanisms. Review and enhance remote connectivity practices, ensuring secure access protocols and mitigating potential exposure risks. Develop and implement action plans to close identified security gaps across IT and OT environments. Collaborate with infrastructure, application, and operations teams to embed security best practices during the integration process. Prepare comprehensive security assessment reports, remediation plans, and post-integration security validation documentation.
Support incident response and risk management processes throughout the integration lifecycle.

Job Type: Contract

Work Location: In person