OT Product Security Consultant (Italy)
Se desidera saperne di più su questa opportunità o sta pensando di candidarsi, la preghiamo di leggere le seguenti informazioni.
We are expanding our cybersecurity team and need an OT Product Security Consultant in Italy. The role involves conducting threat modeling, risk assessments, and audits, and providing advice, training, and support in cybersecurity and relevant standards.
Responsibilities
Conduct independent security assessments and control validation across industrial products, systems, and supporting processes.
Evaluate the effectiveness of technical and organizational security controls, leveraging frameworks such as IEC 62443, NIST CSF, EN 50742, UR E27, IEC 81001‑5‑1, TS 50701.
Identify control gaps and non‑conformities, deliver clear findings, and track remediation activities with clients.
Provide expert input on risk acceptance, exception handling, and risk treatment plans.
Support and contribute to risk assessments, translating technical risks into actionable mitigation strategies.
Perform continuous security assurance activities to support compliance with internal policies and external regulatory requirements.
Review system architectures, data flows, and configurations from a security and assurance perspective.
Collaborate with cross‑functional teams (engineering, IT, product security, procurement, operations) to embed security requirements by design.
Participate in secure design reviews, supplier risk evaluations, and certification readiness activities.
Produce high‑quality assessment reports, dashboards, and metrics to provide clear visibility to stakeholders and leadership.
Analyze trends across assessments and incidents to identify systemic risks and continuous improvement opportunities.
Contribute to the development and enhancement of security assurance methodologies, processes, and tools, with a strong focus on IEC 62443.
Qualifications
Bachelor’s degree in Cybersecurity, Computer Science, IT, Telecommunications, or a related field (or equivalent experience).
3+ years of experience in security assurance, compliance, auditing, product security, or technical cybersecurity roles, ideally with experience in cybersecurity of embedded products.
Strong knowledge of industry frameworks such as IEC 62443, NIST CSF, EN 50742, UR E27, IEC 81001‑5‑1, TS 50701.
Proven experience in conducting security assessments, validating controls, or supporting audits and certification processes.
Ability to understand and assess technical architectures, systems, and security controls and their associated risk impact.
Analytical mindset with excellent problem‑solving skills and attention to detail.
Strong communication skills, with the ability to translate technical findings into clear, client‑focused recommendations.
Excellent cross‑functional skills, project management, and reporting abilities to manage timelines and deliverables across projects for the client.
Comfortable working in an international, client‑facing consulting environment involving multiple stakeholders, including internal teams and certification bodies. xjrgpwk
Strong verbal and written communication skills in English.
#J-18808-Ljbffr