Flatgigs is hiring an
OT Penetration Tester for a confidential client operating within
critical infrastructure and operational technology (OT) environments.
This role focuses on assessing the security posture of
industrial control systems (ICS), SCADA environments, and operational technology networks across sectors such as utilities, energy, and industrial infrastructure.
The role requires a
safety-first testing approach, ensuring all security assessments are conducted without disrupting operations or compromising critical infrastructure.
The successful candidate will identify vulnerabilities, evaluate operational risks, and provide clear remediation guidance to strengthen the resilience of industrial systems.
Key Responsibilities
OT Security Strategy & Testing Frameworks
- Design and implement OT-specific penetration testing methodologies and frameworks
- Develop testing procedures tailored for utility and industrial environments, including:
- Electric grid systems
- Water and wastewater treatment facilities
- Gas distribution networks
- Renewable energy installations
- Build capabilities for assessing industrial communication protocols and control systems
- Support development of OT cybersecurity testing practices aligned with UAE cybersecurity frameworks
Penetration Testing & Security Assessments
- Conduct safe and controlled penetration testing across OT environments including:
- ICS / SCADA networks
- PLCs, RTUs, and HMIs
- Industrial communication networks
- Assess network segmentation, firewall rules, and access controls
- Identify vulnerabilities, misconfigurations, and attack vectors
- Ensure all testing is non-disruptive and aligned with operational safety requirements
Industrial Protocol & Infrastructure Security
Evaluate security of OT environments using protocols such as:
- Modbus
- DNP3
- IEC 61850
- IEC 60870-5-104
- OPC UA
- BACnet
- Profinet
- EtherNet/IP
Perform testing across
industrial networks, control systems, and communication infrastructure.
Red Team & Adversary Simulation
- Design and execute red team exercises and adversary simulations
- Emulate real-world attack scenarios targeting industrial control systems
- Build knowledge repositories for:
- OT vulnerabilities
- Exploitation techniques
- Vendor-specific weaknesses
Security Reporting & Client Engagement
- Produce high-quality technical reports and risk assessments
- Provide remediation recommendations aligned with industry standards
- Present findings to:
- Technical teams
- Engineering teams
- Executive leadership
- Regulatory stakeholders
Translate technical vulnerabilities into
business and operational risk insights.
Compliance & Regulatory Alignment
Ensure testing activities comply with relevant frameworks including:
- IEC 62443
- NIST 800-82
- UAE national cybersecurity frameworks (NESA, DESC, TDRA)
Operational Delivery
- Deliver penetration testing engagements within defined scope, timelines, and SLAs
- Coordinate testing windows with client engineering and operations teams
- Document testing activities and evidence in accordance with audit and compliance requirements
- Support remediation validation and re-testing activities
Emerging Infrastructure Security
- Conduct wireless security assessments for industrial infrastructure including:
- Radio communications
- Satellite connectivity
- Cellular backhaul
- Industrial wireless sensor networks
- Assess security of cloud and hybrid OT architectures, including distributed energy management systems and industrial monitoring platforms.
Required Experience
- 8-10 years of experience in cybersecurity, penetration testing, or red teaming
- Minimum 3 years working specifically in OT / ICS / SCADA environments
- Experience conducting controlled testing in industries such as:
- Utilities
- Oil & Gas
- Manufacturing
- Critical infrastructure
Hands-on experience testing:
- ICS / SCADA networks
- PLCs, RTUs, HMIs
- Industrial communication protocols
Technical Skills
Strong knowledge of:
- OT / ICS architecture and industrial networks
- Industrial communication protocols
- Penetration testing tools and techniques
- Network and segmentation testing
- Wireless security testing
- Secure configuration assessments
- Vulnerability assessment and reporting
Tools familiarity may include:
- Nmap
- Metasploit
- Wireshark
- ICS-specific security testing tools
Understanding of
OT-specific risks, including operational downtime, safety impact, and infrastructure availability.
Qualifications
Bachelor's degree in one of the following:
- Computer Science
- Information Security
- Electrical / Control Engineering
- Cybersecurity or related technical field
Preferred certifications:
- GICSP
- ISA/IEC 62443 certifications
- OSCP / OSCE / OSEP
- GPEN / GXPN
- CEH / CPT
Vendor certifications from
Siemens, Schneider, ABB, Honeywell, or Emerson are considered a strong advantage.
