Cybersecurity Consultant / vCISO
Strata Information GroupSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
ICS/OT Cybersecurity, Industrial SecurityIndustries
Requirements
- 4+ years of hands-on cybersecurity experience, including vulnerability assessment, penetration testing, or red teaming within the OT space
- Familiarity with penetration testing methodologies in white, gray, or black-box contexts
- Hands-on experience with [incomplete in description: "Hands-on experience wi"]
Responsibilities
- Serve as a subject matter expert by leading and executing vulnerability assessments, penetration tests, and purple team operations in industrial technology environments, including active exploitation of customer-owned networks, hardware, and software, and comprehensive documentation review
- Conduct in-depth technical data collection and analysis, including packet capture (PCAP), Active Directory enumeration, firewall rule assessment, and industrial network traffic analysis to uncover hidden vulnerabilities and misconfigurations
- Collect and analyze network and host data, including packet captures, firewall rules, and system configurations, to identify anomalous activity, attack paths, and potential vulnerabilities
- Perform ongoing research into threat actor tactics, techniques, and procedures (TTPs), tools, and vulnerabilities; apply findings to active engagements and update internal documentation
- Translate engagement insights into actionable research projects to support Dragos technology development, including working with the detections team to add new, enhanced detections to the Dragos Platform
- Deliver clear, concise, and technically accurate reports that outline vulnerabilities, attack paths, and prioritized remediation strategies; present findings to clients in written and verbal formats
- Assist in creating and facilitating training exercises, tabletop scenarios, and workshops to help customers strengthen incident response readiness
- Enhance team effectiveness by contributing to the evolution of workflows, runbooks, and procedures, incorporating lessons learned from field engagements
- Represent Dragos and support the broader OT security community through public speaking, whitepaper development, technical blog posts, and webinars
- Collaborate closely with fellow team members, providing mentorship and technical guidance to foster a positive team culture
Skills
Penetration Testing
Vulnerability Assessments
Red Teaming
Purple Teaming
PCAP Analysis
Active Directory Enumeration
Firewall Assessment
Industrial Network Analysis
ICS Security
OT Security
Exploitation
Threat Intelligence
Dragos
Cybersecurity for industrial control systems
About Dragos
Dragos specializes in cybersecurity for industrial control systems (ICS) and operational technology (OT) environments, which are essential for industries like manufacturing, energy, and transportation. Their main product, the Dragos Platform, allows organizations to visualize their network, detect threats, and respond effectively to cyberattacks. This platform is particularly important because many ICS and OT systems are outdated and vulnerable to attacks that could impact public safety and economic stability. Dragos differentiates itself by focusing specifically on the unique needs of these industrial sectors, providing both a comprehensive platform and consulting services to help clients enhance their cybersecurity strategies. The company's goal is to protect critical industrial assets from cyber threats, ensuring the safety and reliability of essential services across various industries.
Glen Burnie, MarylandHeadquarters
2016Year Founded
$420.4MTotal Funding
SERIES_DCompany Stage
Consulting, Industrial & Manufacturing, CybersecurityIndustries
501-1,000Employees
Benefits
Medical, dental, vision, disability, & life insurance
401k with match
Equity
Competitive compensation
Remote working options
Pet-friendly options
In-house brewery
Risks
Emerging OT cybersecurity firms may erode Dragos' market share.
Rapid evolution of ransomware tactics may outpace Dragos' detection capabilities.
Integration of new acquisitions may face operational challenges.
Differentiation
Dragos specializes in cybersecurity for industrial control systems and operational technology environments.
The Dragos Platform offers comprehensive visibility, threat detection, and rapid response tools.
Dragos provides consulting services to enhance strategic cybersecurity roadmaps for organizations.
Upsides
Rising ransomware attacks increase demand for Dragos' OT cybersecurity solutions.
Strategic partnerships enhance Dragos' service offerings and customer trust.
Acquisition of Network Perception strengthens Dragos' platform capabilities.
Related Jobs
RemoteRemoteDetections Engineer
Shift5Salary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Engineer [IC3]
Sourcegraph$120,000 - $160,000/year
- Full Time
- Mid-level (3 to 4 years)
RemoteLead Generation Internship
ElegenSalary not specified
- Internship
- Internship
RemoteStaff Threat Intelligence Analyst
Huntress$190,000 - $210,000/year
- Full Time
- Senior (5 to 8 years)
RemoteAdvanced Industrial Controls Engineer
SymboticSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)