4 Ics Security Jobs

As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will play a crucial role in identifying and addressing security vulnerabilities within IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your primary responsibilities will involve conducting thorough security assessments on critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. By simulating advanced adversary tactics, you will uncover vulnerabilities and offer strategic guidance for remediation. This position requires individuals with a comprehensive understanding of enterprise IT security and industrial/embedded system ecosystems. Your duties will encompass various key areas: 1. Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT): - Conduct black-box, grey-box, and white-box VAPT on a range of assets including enterprise IT assets, OT/ICS assets, and IIoT platforms. - Simulate APT-level attacks across different IT-OT architectures and execute Red Team scenarios to replicate insider threats or supply chain compromise. 2. ICS Protocol & Field Device Security Testing: - Analyze and exploit vulnerabilities in various ICS protocols. - Perform live traffic analysis, packet manipulation, and protocol fuzzing to evaluate resilience. - Assess control logic vulnerabilities in ladder logic, structured text, and function blocks. 3. Firmware & Hardware Exploitation (IIoT/ICS Devices): - Extract and analyze firmware from industrial devices using specific interfaces. - Conduct static and dynamic analysis utilizing various tools. - Reverse engineer file systems and analyze web interfaces or CLI backdoors. - Exploit misconfigured bootloaders, firmware upgrade mechanisms, or exposed debug ports. 4. Network Architecture & Segmentation Testing: - Review and test IT-OT segmentation via different configurations. - Evaluate trust relationships, weak credential policies, and insecure remote access. - Identify unauthorized bridging of air-gapped networks or misconfigured routing/switching. 5. Cloud & IIoT Platform Security: - Evaluate MQTT brokers, telemetry, and analytics pipelines. - Test REST APIs, mobile app integrations, and cloud misconfigurations. - Identify insecure certificate handling, default API tokens, and encryption issues. You will also be responsible for developing detailed technical and executive-level reports, recommending hardening measures for IT and OT systems, ensuring compliance with industry frameworks, and aligning assessments with regulatory standards. Additionally, you should have a Bachelor's or Master's degree in a relevant field and possess deep knowledge of ICS/SCADA systems, embedded architectures, and real-time operating systems. Hands-on experience with various security tools and certifications such as OSCP, GRID, GICSP, or CISSP are preferred. This role may involve travel across the country for project execution, coordination with distributed teams, and effective communication skills are essential. If you meet the requirements and are passionate about cybersecurity and industrial systems, we encourage you to submit a cover letter summarizing your experience along with a resume and a recent passport-size photograph.,

The role at KPMG in India involves providing professional services as a member of the affiliated Indian entities with KPMG International Limited. Since its establishment in August 1993, KPMG has been dedicated to leveraging a global network of firms and maintaining a deep understanding of local laws, regulations, markets, and competition. With offices across various cities in India, including Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara, and Vijayawada, the professionals at KPMG cater to national and international clients across different sectors. The responsibilities associated with this position include conducting cyber security assessments, Red Teaming, designing security architecture, performing infrastructure and application security assessments, carrying out vulnerability assessment and penetration testing, reviewing security of traditional IT and non-IT network environments such as Telecom and OT networks, addressing ICS Security, IOT Security, and API Security Testing. As an equal opportunity employer, KPMG in India is committed to providing a diverse and inclusive work environment.,

As a Principal Cybersecurity Engineer at Medtronic, you will serve as the Principal OT Risk Governance Analyst, leading the development, implementation, and oversight of robust risk management and governance frameworks for our Operational Technology (OT) environments in manufacturing. Your expertise will ensure that OT security controls align with corporate policies, industry regulations, and cybersecurity best practices, playing a critical role in Medtronic's mission to champion healthcare access and innovation. A Day in the Life You will drive cybersecurity excellence within our OT environments by: Leading OT risk assessments , identifying and rating risks based on the established risk matrix. Maintaining the risk register and tracking risks specifically related to manufacturing environments. Ensuring compliance with NIST CSF, NIS 2, and other relevant cybersecurity frameworks and regulations. Collaborating with IT, OT, and compliance teams to align cybersecurity policies with operational requirements. Establishing and maintaining OT security governance frameworks, policies, and procedures. Defining roles and responsibilities for OT security within manufacturing operations. Developing tailored security awareness programs for OT personnel, engineers, and plant operators. Providing guidance on secure architecture, network segmentation, and access controls for OT systems. Supporting the cybersecurity incident response process , including detection, response, and recovery planning. Collaborating with IT security teams, SOC analysts, and plant personnel to investigate and mitigate security incidents. Ensuring disaster recovery plans incorporate IT and OT system resilience and recovery. Assisting manufacturing teams with initial documentation of disaster recovery plans, tabletop exercises, and tracking updates. Acting as a key advisor for manufacturing operations teams and cybersecurity stakeholders. Developing training on IT and OT security risks, governance frameworks, and compliance expectations. Facilitating security awareness sessions for IT and OT engineering teams. Required Qualifications and Experience Bachelor's degree in Cybersecurity, Information Technology, Engineering, or a related field with 14+ years of overall experience. 5+ years of experience in OT security, risk management, or governance in manufacturing, energy, or critical infrastructure. Strong knowledge of ICS/SCADA systems , industrial protocols (Modbus, OPC, DNP3, etc.), and IT and OT asset management. Experience with risk assessment methodologies , audit frameworks, and regulatory compliance. Familiarity with frameworks like NIST 800-82, IEC 62443, ISO 27001, and the Purdue Model for ICS Security. Strong communication and leadership skills for cross-functional collaboration. Preferred Qualifications Industry certifications: CISM, CISSP, CRISC, GICSP, ISA 62443, or equivalent. Experience with vulnerability management, threat modeling, and incident response in manufacturing environments. Knowledge of firewalls, network segmentation, and endpoint protection for ICS environments. Benefits & Compensation Medtronic offers a competitive Salary and flexible Benefits Package. We are committed to our employees, recognizing their contributions and providing resources to support you at every career and life stage. About Medtronic Medtronic leads global healthcare technology, boldly attacking the most challenging health problems facing humanity by searching out and finding solutions. Our Mission to alleviate pain, restore health, and extend life unites a global team of 95,000+ passionate people. We are engineers at heart, putting ambitious ideas to work to generate real solutions for real people, leveraging talent, diverse perspectives, and courage to engineer the extraordinary.

Interface with industrial protocols: OPC UA/DA, Modbus, BACnet.Configure telemetry pipelines using REST APIs, WebSockets, gRPC. Generate network diagrams, configuration documents, and audit. validate Orbital edge devices at industrial client sites.