[Remote] Associate Principal Consultant - ICS/OT Cybersecurity
Note: The job is a remote job and is open to candidates in USA. Dragos, Inc. is on a mission to defend industrial organizations with a focus on ICS/OT Cybersecurity. The Associate Principal Consultant will lead complex cybersecurity engagements, delivering architecture reviews and advisory services while mentoring team members and representing the company in the community.
Responsibilities
- Lead ICS/OT Cybersecurity Professional Services Engagements including architecture reviews, compromise assessments, and tabletop exercises for customers across various verticals including electric, oil and gas, water treatment, and manufacturing
- Serve as the primary point of contact and SME for consulting clients, providing expert guidance while building strong relationships
- Deliver findings and recommendations documentation at the end of each engagement (this includes presenting to customers and addressing questions and concerns)
- Perform Scope of Work (SOW) reviews, Rules of Engagement (ROE) development, and other documentation-related tasks
- Turn insights from customer engagements into research and innovation projects to fuel Dragos technology advancement (i.e., training material, Dragos Platform playbooks, etc.)
- Support the larger community and represent Dragos through outreach efforts such as webinars, whitepapers, and conference presentations with novel content and ideas
- Mentor teammates and be a leadership resource for the professional services organization
Skills
- 7+ years of hands‑on cybersecurity experience, including delivering professional services or consulting engagements in customer environments
- Deep expertise in ICS/OT cybersecurity, including OT system architectures, risks, threats, vulnerabilities, and relevant frameworks and standards
- Direct, practical experience operating in ICS/OT environments (eg., asset owner, industrial plant, or operator setting)
- Strong technical proficiency with OT assets (e.g., PLCs, HMIs, RTUs), OT networking protocols (e.g., Modbus, DNP3), and security analysis tools (e.g., Zeek/Bro, Wireshark)
- Demonstrated ability to collect and analyze network and host data to baseline environments, validate expected state, and identify malicious or anomalous activity
- Excellent written and verbal communication skills, including producing high‑quality customer reports and presenting complex technical findings to diverse audiences
- Willingness to support Dragos Services growth through thought leadership and SME outreach and to travel for onsite engagements as needed (approximately 30%)
Benefits
- Competitive Equity Package
- Comprehensive Benefits Plan
Company Overview