Insider Job Board Insiderjobboard.com

Start Your Job Search

Search:

SCADA/OT Penetration Tester

IMRI is seeking an expert Penetration Tester with expertise in IoT device testing, cloud security, and  industrial control systems (ICS)/SCADA assessments.

Essential Responsibilities

  • Perform penetration testing against a variety of targets. These include:
    • External Networks
    • Internal Networks
    • Wireless Networks
    • Web Applications and APIs
    • Mobile Devices / Applications
    • Cloud Environments
    • Social Engineering (on-premise and electronic)
    • Firewalls (Firewall Review)
    • SCADA Networks
    • IoT Devices 

Required Skills and Experience

  • 5+ years in an active penetration testing role. 
  • 5+ years of IT experience (e.g., network/sysadmin or web developer)
  • Knowledge of common cybersecurity frameworks and regulatory requirements
  • Certifications such as:
    • GIAC Global Industrial Cyber Security Professional (GICSP)
    • GIAC Response and Industrial Defense (GRID)
    • Offensive Security Certified Professional (OSCP)
    • CREST Registered Penetration Tester (CRT)
    • Certified SCADA Security Architect (CSSA)
    • Offensive Security Certified Expert3
    • GIAC Penetration Tester
    • Certified Ethical Hacker (CEH)
    • Cisco Certified CyberOps Professional
    • CCNP Security
  • Strong knowledge of the following:
    • Modern penetration testing tools and methods
    • Network administration
    • System administration (Windows / Linux)
    • Firewall reviews
    • Web-based application security concepts
    • Cloud services (GCP, AWS, and Azure)
    • IEEE 802.11 security concepts
    • Windows/Linux/UNIX internals
    • Internet protocol suite
  • Fundamental understanding of SCADA systems
  • MITRE ATT&CK for ICS knowledge
  • Experience with tools like:
    • Wireshark, Metasploit, Nmap
    • PLC exploitation frameworks (e.g., Modbus, DNP3 tools)
    • SHODAN, Censys for open SCADA systems Experience using interpreted languages (Python, PHP, etc.)
  • Knowledge of compiled languages (Java, C, C++, Assembly, etc.)
  • Knowledge of common IT governance guidance
  • Expertise in developing exploits
  • Social engineering techniques and tactics
  • Strong written and verbal skills
  • Bachelor’s degree in Engineering, Computer Science, or related field
  • Background Check Required