Cybersecurity Consultant

Location: Canada_Remote_Worker, Canada

Dans des marchés en rapide évolution, les clients à travers le monde font confiance à Thales. Thales est une entreprise où les personnes les plus brillantes du monde entier se regroupent pour mettre en commun leurs idées et ainsi s'inspirer mutuellement. Dans tous les secteurs où œuvre Thales, notamment l’aérospatiale, le transport, la défense, la sécurité et l'espace, nos équipes d’architectes conçoivent des solutions innovantes qui rendent demain possible dès aujourd’hui.

In fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.

**Position Summary**

**This is a remote position within Ontario Canada.**

Thales is looking for a **Cybersecurity Consultant** with proven experience working with Enterprise, Industrial, Critical Infrastructure, and Operational Technology (OT) environment. Possess a good understanding of industrial control systems (ICS) fundamentals. Equip with hands-on experience in assessing, troubleshooting and securing control systems, working with various vendors, knowledgeable with communication protocols such as TCP/IP, MODBUS, ICCP, DNP3, RTU, OPC, HMI, PLC, distributed control system (DCS) and supervisory control & data acquisition (SCADA). Must be able to evaluate the network architecture, distinguish the Enterprise (IT) and Operational Technology environment (OT) and identify cyber risks each Purdue level.

In addition, the Cybersecurity Operations Centre (CSOC) team will rely on your contribution to perform an in-depth analysis of digital artifacts, identify the malicious operations and evaluate the real impact in order to solve in a quick and efficient manner. This is a key role when it comes to responding to customer’s security incidents. In-depth knowledge and technical skills in Security Operation Centre (SOC), SIEM and SOAR, Incident Response, log and network analysis, Network security (Firewall, WAF, IDS/IPS), Enterprise and OT infrastructure. This includes using troubleshooting tools to analyze and respond to cyber threats, writing scripts to aid in quick analysis and response, and responding to security events. Previous work experience in ICS/OT and Cybersecurity consulting is vital for this role.

**Key Areas of Responsibility**

The Cybersecurity Consultant is responsible to provide business-driven, cost-effective advice on the management of risk and security vulnerabilities for Enterprise (IT) and Operational Technology (OT) customers. You will support the development of Cybersecurity practices including but not limited to:

- Deliver IT and OT assets discovery including logical and physical site assessments.
- Recommends implementation of new OT controls across provide more cost effective risk mitigation.
- Deliver Cyber Risk assessment for IT or OT environment including Security Architecture review.
- Deliver reports with pragmatic solutions and provide actionable recommendations.
- Lead technical workshops to support the risk assessments activities.
- Coordinate and support customer’s project team, site engineers, and management with project deliverables.
- Proficient in designing, implementing and maintaining, monitoring platform, log management systems, and correlation engine.
- Support the architecture design and recommend enhancement of Cybersecurity capabilities in OT environment.
- Proficient in vulnerability assessment, penetration testing, incident management in IT and OT environment.
- Lead incidents response, deployment of IR tools and sensors, advance forensic analysis, and incident response advisor.
- Point of escalation in support of cybersecurity investigations for the industrial environment. Provide guidance on incident resolution and containment techniques.
- Must be capable of advance analysis in respond to security incidents. Securely collect artifacts, analyze for malicious behavior and carry out analysis to determine the root cause of events.
- Lead threat-hunting activities, looking for anomalies. Ingest, analyze and contextualize data and turn that into intelligence for threat assessment and risk management.
- Contribute to the creation, update and distribution of incident response best practices to include response capabilities and recommendations to senior leadership when dealing with incidents that affect the business.
- Must be analytical with detail-oriented analysis and great documentation skills.
- Must have expertise supporting one or various Cloud infrastructure (Azure, AWS, GCP or IBM Cloud).
- Up-to-date with the latest Cybersecurity trends, news and threat landscapes, with OT, IoT, Big Data, Cloud Security, and Digital Transformation.

**Key Requirements**
- Bachelor degree in engineering, computer science, cybers