17 Iec 62443 Jobs

Role & responsibilities Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 14+ years of product cyber security engineering and software systems development experience; at least 2 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment

Title: OT Operation and Security Consultant Job Title: Senior Consultant/ Assistant Manager OT (Operational Technology) Security & Consulting Location: Anywhere in India (Any Protiviti office) Travel: Up to 70% travel to the Middle East (UAE, KSA, Oman, Qatar, Kuwait, Bahrain etc.) Experience: 8+ Years Preferred Certificate: ISA/IEC 62443 Certification (any level), CISA, CRISC, CEH Employment Type: Full-time | Auditing & Consulting | Client-facing Position Summary: We are looking for a highly skilled Senior Consultant/ Assistant Manager OT Security & Consulting to join our Audit and Risk Advisory practice. The role requires hands-on experience in Operational Technology (OT) environments, focusing on Operational aspects, security assessments, governance reviews, and regulatory compliance audits for critical infrastructure. This role will be based in India, with frequent travel to client sites across the Middle East (up to 70%). The ideal candidate will bring deep domain knowledge in OT/ICS cybersecurity, solid audit experience, and the ability to work across industrial sectors including Oil & Gas, Utilities, Aviation, and Telecom. Key Responsibilities: OT Security Assessments Perform security audits of OT environments, including SCADA, PLC, DCS systems, and IIoT integrations. Review OT-specific policies and procedures for access management, configuration baselines, and asset inventories. Assess implementation of network segmentation, firewalls, and endpoint protection mechanisms in OT infrastructure. Evaluate OT vulnerability management, patching practices, and secure configurations. Assess backup & disaster recovery mechanisms for OT systems with focus on RTO/RPO alignment. Conduct OT-specific incident response readiness reviews, including logging, alerting, and simulation exercises. Review logging and monitoring practices using SIEM or similar tools for OT systems. OT Governance & Strategic Alignment Review OT strategy documents and validate alignment with business objectives and regional regulations (e.g., GACAR, ICAO). Evaluate OT governance structures including roles, responsibilities, and oversight mechanisms. Assess integration of cybersecurity risk into strategic planning. Review OT-related stakeholder engagement and communication mechanisms. Regulatory & Compliance Perform compliance assessments against global and regional standards: IEC 62443, NIST 800-82, NCA ECC, ISO 27019, GACAR, ICAO. Develop detailed audit reports, control gap analyses, and risk treatment recommendations. Support development of risk and control matrices (RCMs) and minimum baseline security standards. Experience: Minimum of 8+ years in OT/ICS cybersecurity, consulting, or auditing roles. Strong hands-on exposure to OT protocols (Modbus, DNP3, OPC, etc.), SCADA/DCS/PLC systems. Experience with risk assessment, control testing, and policy development in industrial environments. Prior consulting experience in sectors such as Energy, Utilities, Oil & Gas, Aviation, or Manufacturing is highly preferred. Certifications (Mandatory: One or more recent): GICSP – GIAC Global Industrial Cyber Security Professional ISA/IEC 62443 Certification (any level) CISM or CISSP (preferred) CISA – Certified Information Systems Auditor (audit-focused candidates) ISO 27001:2022 Lead Auditor CRISC – Certified in Risk and Information Systems Control (desirable) Interested candidates can directly share their updated resumes at kirti.goyal@protivitiglobal.in

Cybersec Security Advisor Job description: Are you passionate about tackling complex data problems? Do you thrive on using your analytical and cybersecurity skills to solve large-scale challenges? Are you intrigued by the intersection of complex business processes and data-driven approaches? If so, we'd love to hear from you! At Schneider Electric, we are undergoing a transformative journey by leveraging Artificial Intelligence & Automation technologies to empower users with Machine Learning and Cognitive computing, driving business value. Simultaneously, as the number of cybersecurity threats continues to grow, we recognize the importance of having a comprehensive cybersecurity approach across our solutions to safeguard our business and customers. We seek a cybersecurity professional to join our AI Digital Risk Leader & Data Officer team to drive the implementation of Secure development process in our AI organization. To ensure a cohesive cybersecurity strategy implemented throughout our AI HUB, you will collaborate closely with AI Cybersecurity teams but also Autonomous spokes team in NAM and GSC. The role The Security Advisor is responsible for the adoption and implementation of the SDL framework following the Schneider Electric SDL V2 process and in compliance to the SE SDL Policy and other cybersecurity policies, procedures, and best practices, and to advise on cybersecurity technical requirements for the development of secure products and systems. The Security Advisor regularly interacts with key stakeholders (including representatives from marketing, R&D offer development, technical leaders, and leadership team members) as well as stakeholders from the Business Unit Security Team and the corporate Product Security Office (PSO) to ensure that cybersecurity guidelines and processes are executed in an efficient and effective manner. Key Responsibilities for the Role • Act as Subject Matter Expert, serve as a consultant and advisor for cybersecurity topics within AI development teams. Provide guidance, coaching and expertise to execute SDL practices such as threat modelling, secure design practices, secure coding and implementation, and security testing. • Gather SDL and Cybersecurity metrics to contribute to data driven strategies and plans to aid in the deployment of SDL and cybersecurity functionality as required by cybersecurity standards such as IEC62443, and to further improve SDL and Cybersecurity effectiveness and efficiency. • Ensure that their assigned development teams abide with risk-driven cybersecurity processes and controls. • Support development teams to manage vulnerability triage and resolution • Support internal SDL audits and Formal Cybersecurity Reviews (FCSRs) and other supported Schneider data security and privacy processes. • Conduct training and presentations to build cybersecurity competencies within teams. • Track organizational maturity using cybersecurity maturity frameworks and track other SDL-related goals as directed. Qualifications - External Key skills and requirements • Ability to align operational/information security policies with business requirements. • Process driven with attention to detail, ability to translate operational/information security requirements into security controls in coordination with architects. • Ability to effectively adapt to and apply rapidly changing technology and security requirements to business needs. • Knowledge of static code analysis tools, secure coding standards, fuzz and penetration testing, and formal security reviews. • Working knowledge of security and privacy standards, regulations, and legislation. • Demonstrated ability to develop threat models, analysing threats, and rate threat severity using established industry practices • Experience with AI and ML technologies and services (Machine Learning, Conversational AI, Computer Vision, No Code / Low Code AI) Qualifications & Experience • Customer-oriented with a service-oriented attitude (flexible, personable, and approachable) • Certification in Cybersecurity Management such as CISSP, CSSLP; and/or IEC 62443 Certified Specialist. • Experience of working in an Engineering/R&D group following a Secure Development Lifecycle based on standards such as IEC 62443, ISO 21434, or Microsoft SDL; with a proven ability to engage with management and development teams. • Experience guiding and assisting organizations in implementing security product/system development practices. • Experience in driving corporate programs using influence, negotiation, and persuasion soft skill set. • An understanding of domain appropriate communication mechanisms protocols • Strong communication skills, including the ability to render concise reports, summaries, and presentations. • Project management or technical leadership skills preferred.

Secure OT/ICS/SCADA environments by implementing cybersecurity measures tailored for industrial systems and protocols Required Candidate profile Experts in OT/ICS cybersecurity with knowledge of industrial protocols, plant systems, and critical infrastructure protections.

Minimum requirement: Min 3-year experience performing security testing on Industrial control system components like PLCs, SCADA, IIOT devices etc. Equivalent science or engineering degree Min. one professional certifications such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred.

Minimum requirement: Min 3-year experience performing security testing on Industrial control system components like PLCs, SCADA, IIOT devices etc. Equivalent science or engineering degree Min. one professional certifications such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred.

Minimum requirement: Min 3-year experience performing security testing on Industrial control system components like PLCs, SCADA, IIOT devices etc. Equivalent science or engineering degree Min. one professional certifications such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred.

Role & responsibilities Proven experience in conducting penetration tests, vulnerability assessments, and security audits across diverse environments. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP etc. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Understanding of component/system architectures in OT environments. Preferred candidate profile Perks and benefits

Role & responsibilities Proven experience in conducting penetration tests, vulnerability assessments, and security audits across diverse environments. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP etc. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Understanding of component/system architectures in OT environments. Preferred candidate profile Perks and benefits

Key Responsibilities: Ensure complete compliance with internal cybersecurity policies and frameworks ; identify and resolve any OT-related security deficiencies. Maintain an accurate inventory of all Operational Technology (OT) assets through platforms like Claroty or equivalent. Demonstrate deep technical knowledge of OT devices and network infrastructure including PLCs, HMIs, SCADA systems, desktops, and communication protocols such as Modbus, Modbus TCP, TCP/IP; expertise in VLANs and Firewall configuration is essential. Monitor potential cyber threats and manage remediation activities in coordination with remote support teams and internal security operations. Support and drive plant-level cybersecurity transformation projects , ensuring sustainable and compliant operations. Exhibit strong interpersonal and communication skills to coordinate effectively with internal teams and stakeholders. Key Competencies: Functional Competencies: Solid technical background in Operational Technologies . Strong understanding of plant infrastructure , OT network layers, and industrial security protocols. Capability to work with cross-functional teams including IT, operations, and third-party vendors. Familiarity with IEC 62443 standards and other cybersecurity frameworks. Experience in planning, coordination, and execution of OT security tasks. Behavioral Competencies: Customer-centric mindset with ownership of responsibilities. Strong written and verbal communication skills. Responsiveness and accountability in time-critical situations. Candidate Profile: Education: B.E / B.Tech Experience: 3 to 5 Years in OT cybersecurity, automation, or industrial network security Preferred Background: Automation, Technology, Industrial Cybersecurity, or related industries Critical Skills: Cybersecurity coordination, threat monitoring, OT asset management, network security, stakeholder engagement

Job Description: The Industrial Cybersecurity Assessor will evaluate the security of network-connectable devices, products, and industrial equipment systems. This will include the analysis of products under evaluation, the support and training of engineers for evaluation projects. Working on connected technologies Industrial OT/ IIoT, IoT using the security framework, certification as per IEC-62443 standards within several unique ecosystems including Smart buildings, Smart Cities, Smart Manufacturing -Industry4.0, Factory automation The ideal OT candidate shall possess an understanding of OT fundamentals and best cybersecurity practices. Responsibilities: Shall be able to provide personalized guidance and support to customers, considering project planning, training, assessment, documentation, and implementation. Formal report writing in line with customer and certification scheme requirements. Support IEC 62443 certification of components, products, and systems. Support the Project Management team on evaluation scoping, resource requirements, certification body and customer expectations, delivering projects within the expected time. Pro-actively identifies relevant industry trends and drive knowledge / expertise development in this domain, by coaching colleagues and taking ownership of activities to increase customer awareness of UL (including papers, articles, conference attendance). Provides upgrades to UL and industry technical requirements on security requirements along with other standard bodies by collaborating the Software & Security team. Supports security team in building and improving ULs assurance programs and services. Provides high-level technical support to the operations department and internal staff. This may include planning, logistics, updating procedures, training, and quality issues. Provides sales support and the sale of more complex projects. Ensures internal procedures such as timely updates on project progress, invoicing and other administrative processes are being followed. Qualifications: University Degree (Equivalent to a bachelors degree), preferably in Cybersecurity, Instrumentation and Controls, Computer Science, Information Technology, Mathematics or a technically related discipline At least 2-5 years of relevant work experience, proven background in customer facing advisory services, technical expertise. Experience with IEC 62443 standard, Industrial automation, and control systems-DCS/ICS/SCADA/PLC/OT Protocols/OT security. Have proven experience in customer facing advisory services (project and delivery), and knowledge of product certification methodologies. Have a competency in cybersecurity domain (Risk Management, Asset Security, Network Security, Identity & Access Management etc.) and in other cybersecurity solutions. Have strong communication skills and the ability to facilitate presentations and quickly adapt to various technical and organizational environments. About the Team: The world has never been more connected. Which means your skills as a cybersecurity expert have never been more essential. We hack for good, uncovering threats and understanding how bad actors operate. Whether its connected vehicles, medical devices or smart appliances, youll help keep products safe and secure in an increasingly threatened world. Join our team, collaborate with a global community of experts and use your skills to shape a more secure future.

Senior Cybersecurity Specialist Are you an experienced cybersecurity professional who is excited about practical application of cybersecurity into industrial and IoT environments We would like to have you on our team to keep smart cities cybersecure! The KONE Technology and Innovation (KTI) function is where the magic happens at KONE. It's where we combine the physical world - escalators and elevators - with smart and connected digital systems. We are changing and improving the way billions of people move within cities every day. Within the KONE Technology & Innovation unit, we have a dedicated Cecurity team for assuring the security of KONE's products and solutions as well as applications used by KONE's business lines. Buzzwords: Application security, Cloud security, SDL, DevSecOps We are now looking for a person to support and drive the Security Development Lifecycle (SDL) activities in KONE solution development projects. Our solutions range from connected elevator systems to cloud services and to mobile applications for technicians and for end users. As a Senior Cybersecurity Specialist, you will be responsible for supporting KONE development teams globally to identify and implement security requirements and to review and test the solutions as they have been implemented. You enjoy working in co-operation with development teams to offer solutions for security problems and practical guidelines on how to implement security in the projects. You get to conduct threat analysis and identify the appropriate security requirements. You don't shy away from getting hands on with application owners and developers to guide them or help them implement the necessary security controls. Through validation and testing you ensure that controls are implemented, and the requirements fulfilled. You support our becoming and existing Security Champions to succeed in their roles by guiding, identifying their skill gaps, and providing training. You might be an experienced security-minded software developer, or perhaps you are a cybersecurity professional who has specialized in application security. You can communicate with various audiences, and you can deal both with the big picture as well as with details when so required. The position is located in Pune, India. Responsibilities Act as a cybersecurity advisor and provide security expertise and guidance to development and operations teams. Conduct risk-based security impact assessments to classify applications and assign appropriate security requirements. Translate requirements into actionable tasks and guide stakeholders in understanding and implementing them. Detect security issues during validation and operation using automation and scenario-based testing. Help teams to understand and mitigate risks and vulnerabilities. Review and enhance security documentation and assessments from Security Champions, offering constructive feedback. Monitor R&D and IT stakeholder needs and deliver targeted security training or clinics. Collaborate within the Cybersecurity team to improve KONE's security management system, SDL standards, processes, and tools. Requirements 5+ years of experience in cybersecurity. CISSP, CSSLP or other relevant certifications are considered a plus. Educational qualifications (B. Sc. or M Sc. in computer science, business administration, information technology management, information systems security or related) Practical experience in implementing Security Development Lifecycle (SDL) in agile software projects (for example, Microsoft SDL, OWASP, BSIMM) Familiarity with security standards and best practices (for example: ISO 27001, IEC 62443, OWASP) Experience in threat modeling and security risk assessment Experience with DevSecOps practices and tools (SCA, SAST, DAST) Experience with cloud platforms (AWS or Microsoft Azure) Why to join KONE's cybersecurity team We at KONE's cybersecurity team are at an interesting point currently. Our focus has been on modernizing enterprise cybersecurity to limit risks with day-to-day operations but at the same time, we are building our industrial and product cybersecurity. KONE is on a digitalization journey and our elevators are transforming from a steel box on the end of a rope into central platforms of smart buildings. We are bringing totally new kinds of innovative solutions to the market to enable even smarter people flow. As our offering becomes more digital, excellent cybersecurity plays a crucial role in building customer trust. KONE Technology and Innovation We are changing and improving the way billions of people move within buildings every day. Hardware is where we've always shined, but today, digital expertise - IoT, analytics, AI, automation, simulation, to name a few - is equally important for our continued success. What's KONE Technology & Innovation like as a workplace We like to think of ourselves as a diverse tribe, pulling together to understand and meet the ever-changing needs of our customers, from concept through to design, down to every single finished product. This all happens in an atmosphere of trust and respect, typified by our Nordic values, a healthy work-life balance, and a flat hierarchy. Read more on

Interface with industrial protocols: OPC UA/DA, Modbus, BACnet.Configure telemetry pipelines using REST APIs, WebSockets, gRPC. Generate network diagrams, configuration documents, and audit. validate Orbital edge devices at industrial client sites.

Diversity hiring for Cyber Security Engineer - 5 to 10 Years at Bangalore. Position Cyber Security Engineer Experience – 5 to 10 Years Location – Bangalore Job Description: 5-8 years of experience in cybersecurity engineering, preferably in the manufacturing or industrial control systems (ICS) sectors. Strong knowledge of cybersecurity principles, risk management, and threat analysis. Proficiency with cybersecurity tools and technologies used for monitoring, detection, and incident response. Familiarity with cybersecurity standards and regulations such as IEC 62443, ISO 27001, NIST, etc. Relevant certifications such as CISSP, CISM, CEH, or GIAC are preferred. If interested, please share cv on omkar@hrworksindia.com Regards, Omkar 8208497043

Role Overview: The Senior Product Cyber Security Engineer/Architect works with product development teams across all regions globally to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. You will be a strong technical expert in matters related to threat modeling and cyber controls and will report to a team manager responsible for product architecture review and testing. On a typical day you will: Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. Develop standard work documents for cyber controls that meet technical requirements (for both systems and components) arising from standards such as IEC 62443 Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification. What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 14+ years of product cyber security engineering and software systems development experience; at least 2 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment

Designation: Senior Lead Engineer - Product Cyber Security Years of experience: 8 12 Years Location Hyderabad On a typical day you will: Perform DAST, SAST & Pentest for different products Perform Threat Modeling and Architecture reviews for new products and design changes with existing products Handle Product Cyber Incident Response activities and Active contribution to Risk Management Work with product development teams towards secure DevOps activities and CI/CD integration issues with Security tools Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 8+ years of product cyber security engineering and software systems development experience; at least 4 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment

Role & responsibilities Job Title: Senior Lead Engineer - Product Cyber Security Years Of Experience: 8-12 Years Role Overview: The Security Sr Lead Engineer/Tech Specialist works with product development teams across all regions globally to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. You will be a strong technical expert in matters related to pentesting and cyber controls and will report to a team manager responsible for product architecture review and testing. This role is part of the Product Cyber team (under the Global DT Cyber team) which focuses on continuously improving the cyber posture of products that are often installed in customer's environments. On a typical day you will: Perform DAST, SAST & Pentest for different products Perform Threat Modeling and Architecture reviews for new products and design changes with existing products Handle Product Cyber Incident Response activities and Active contribution to Risk Management Work with product development teams towards secure DevOps activities and CI/CD integration issues with Security tools Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification. Interface with global teams and share best practices and lessons learned Refine and support the standard work associated with product cyber security incident response management Work closely with the product testing teams to validate recommended security controls Continually enhance the capabilities of the Cyber security team: Identification of technology and methodology gaps Participation and leading technical and industry committees Creation of discipline health score card. Work in an environment of continuous improvement and lean process and product development. good to have knowledge in Agile methodologies. Stay updated on latest cyber security hacking news, technologies and methodologies including: The latest attack methodologies include penetration testing and red-team methodologies. Latest forensic and incident response methodologies. Attend security or hacker conferences and stay on the cutting edge What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 8+ years of product cyber security engineering and software systems development experience; at least 4 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment Preferred candidate profile