Consultant - OT CTD

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

Job Summary:

• Develop appropriate network-based solutions to address problems of systems integration, compatibility, and challenges in using multiple platforms.
• Translate business need into technical system solutions taking various factors into account. Perform feasibility analysis of potential future projects.
• Responsible for the technical correctness and completeness of system designs. Integrate network hardware, software and interfaces to form a system.
• Recommend products that will evolve our technical infrastructure. Provide ideas to further enhance business offerings and drive consistency.

You will report to the Execution Manager.

• IDS Deployment - IDS application deployment on customer site (remotely or on-site).
• IDS tuning - Removing, reducing, indicating assets or traffic causing an unwanted behaviour. Ensuring the system is not overflowed with false-positive alerts., defining internal vs external assets, identifying misconfiguration/poorly chosen sources of incoming traffic, IT/Internet assets that generate a large amount of traffic/alerts, IT Assets that generate false positives, misconfigurations – e.g., broken shares causing login events, verify and set alert sensitivity.
• IDS Health check - Identify any technical issues with the system - System components time mis-synchronisation (OS and application level), Site security alert generation mechanism is working properly, Site Integrity alert generation mechanism is working properly, Site Syslog generation mechanism is working properly, Identify bottlenecks.
• Reports – Creating customised / tailor-made reports from the customers to meet specific needs and requests based on Claroty IDS information gathered, high-level security overview report for executives.
• Customer Training - Deep technical Dive with System Demo, System capabilities explanation, Incident response Training, General purpose playbook.
• Network Coverage Validation - Ensuring incoming traffic matches expected network coverage. Internal VS external subnets configurations, traffic sniffing –connection breaks, Identify Unicast traffic, Identify mainly OT Traffic, Identify ICS expected vendors, Identify missing assets, Identify unexpected OT assets, Identify unsupported protocols.
• Deliver training and awareness programmes for OT personnel.
• Understand OT environment (common OT areas, personnel involved, OT constraints.
• Be able to "explore" the customer main systems under consideration.
• Understand basic OT flows: client-server, user operativity, user permissions.
• Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi).
• Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected.
• Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls.
• Identify and trace physically connected assets and documenting them in a network topology.
• Extract switches configuration and capture traffic.
• Understand general system configurations like O.S group policy, VMs, update mechanism.
• Being able to identify potential vulnerabilities and threats.
• Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO).

• Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree.
• 8+ years of experience in Manufacturing Control Systems (OT), Network Engineering, Cyber Security and on IDS Solutions like Claroty / Nozomi.
• Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required.
• Hands-on experience in advanced knowledge in systems – configuring, operating (OS – Microsoft Servers, Linux, VMs, and domain environments).
• Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations.
• Travel Requirements - Flexibility for travel 20% - 30% is required and can include both domestic and international trips.
• Legal authorization to work in the country of residence is required.
• Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required.

• Master's degree in Cybersecurity.
• Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA).
• Experienced in monitoring, analyzing, and understanding log sources for threat hunting.
• Having sound knowledge in common system exploits, network attacks, phishing techniques, and malware.

Our benefits package includes …

• Comprehensive mindfulness programmes with a premium membership to Calm.
• Volunteer Paid Time off available after 6 months of employment for eligible employees.
• Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
• Employee Assistance Program.
• Personalised wellbeing programmes through our OnTrack programme.
• On-demand digital course library for professional development.

... and other local benefits!

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Hybrid

#LI-RS1

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.