OT Penetration Tester

Job Purpose

The OT Penetration Tester is responsible for assessing the security posture of Operational Technology environments, including Industrial Control Systems (ICS), SCADA networks, PLCs, and critical infrastructure components. This role requires a safety-first approach, ensuring that all testing activities are performed without disrupting operations, affecting equipment, or compromising safety. The tester will identify vulnerabilities, evaluate risks, and provide clear recommendations to strengthen the resilience of industrial systems.

• Design, develop, and implement comprehensive OT penetration testing methodologies, frameworks, and testing procedures tailored specifically for utility sector operational technology environments, including electric grid systems, water/wastewater treatment facilities, natural gas distribution networks, and renewable energy installations.
• Build and maintain specialized security testing capabilities for ICS/SCADA protocols including Modbus, DNP3, IEC 61850, IEC 60870-5-104, OPC UA, BACnet, Profinet, Ether Net/IP, and other utility-specific communication protocols
• Support the company’s OT cybersecurity service strategy by delivering high-quality penetration testing aligned with UAE national cybersecurity frameworks (NESA, DESC, TDRA, and sector-specific regulations).

• Contribute to the development and continuous improvement of OT penetration testing methodologies, service offerings, and best practices.

• Provide strategic insights to management on emerging OT threats, client needs, and opportunities to enhance service capabilities.

• Ensure testing activities align with client risk profiles, contractual obligations, and long-term service objectives.
• Participate in pre-sales discussions by providing technical expertise to support proposals, scoping, and solution design.

• Create and maintain comprehensive knowledge repositories documenting OT vulnerabilities, exploit techniques, vendor-specific security weaknesses, and industry-specific threat intelligence relevant to the utility sector

• Design and implement red team exercises and adversary emulation scenarios that simulate real-world attack campaigns.

• Perform safe, controlled penetration testing on OT networks, ICS/SCADA systems, PLCs, RTUs, HMIs, and industrial communication protocols for external clients.
• Conduct assessments of network segmentation, firewall rules, access controls, and industrial communication pathways.
• Identify vulnerabilities, misconfigurations, and potential attack vectors while ensuring zero disruption to client operations.
• Produce high-quality technical reports tailored for both technical and executive audiences, including risk ratings and remediation guidance.
• Present technical findings to diverse audiences including C-suite executives, engineering teams, operations management, regulatory compliance officers, and board-level stakeholders, translating complex technical vulnerabilities into business risk language
• Validate remediation actions and conduct re-testing as part of the managed service lifecycle.
• Support incident response engagements by providing exploitation insights and OT threat analysis when required.
• Ensure all testing activities comply with UAE laws, client contracts, and industry standards (IEC 62443, NIST 800-82).

• Deliver penetration testing engagements within agreed timelines, scope, and service-level agreements (SLAs).
• Coordinate with client operations, engineering teams, and plant management to define safe testing windows and boundaries.
• Maintain strict adherence to safety protocols, change-management processes, and client operational requirements.
• Document all testing activities, evidence, and results in accordance with internal and client audit requirements.
• Track and follow up on remediation progress with clients as part of ongoing managed service support.
• Ensure continuous improvement of tools, processes, and testing methodologies used in service delivery.
• Execute wireless security assessments of field communications including radio systems, satellite communications, cellular backhaul, and industrial wireless sensor networks deployed across utility infrastructure
• Perform security validation of cloud and hybrid architectures as utilities increasingly adopt cloud-based analytics, monitoring platforms, and distributed energy resource management systems (DERMS)

• Collaborate with internal teams including SOC, OT engineers, service delivery managers, and cybersecurity consultants.
• Provide mentorship and technical guidance to junior penetration testers and analysts within the managed service team
• Conduct knowledge-sharing sessions, workshops, or awareness programs for clients on OT security risks and best practices.
• Communicate complex technical findings clearly and professionally to both technical and non-technical client stakeholders.
• Promote a culture of safety, professionalism, and client-centric service delivery within the team.

• Support the…