OT Penetration Tester
GSS Tech Group
Job Purpose
The OT Penetration Tester is responsible for assessing the security posture of Operational Technology environments, including Industrial Control Systems (ICS), SCADA networks, PLCs, and critical infrastructure components. This role requires a safety-first approach, ensuring that all testing activities are performed without disrupting operations, affecting equipment, or compromising safety. The tester will identify vulnerabilities, evaluate risks, and provide clear recommendations to strengthen the resilience of industrial systems.
Key Accountabilities
Strategic
- Design, develop, and implement comprehensive OT penetration testing methodologies, frameworks, and testing procedures tailored specifically for utility sector operational technology environments, including electric grid systems, water/wastewater treatment facilities, natural gas distribution networks, and renewable energy installations.
- Build and maintain specialized security testing capabilities for ICS/SCADA protocols including Modbus, DNP3, IEC 61850, IEC 60870-5-104, OPC UA, BACnet, Profinet, EtherNet/IP, and other utility-specific communication protocols
- Support the company’s OT cybersecurity service strategy by delivering high-quality penetration testing aligned with UAE national cybersecurity frameworks (NESA, DESC, TDRA, and sector-specific regulations).
- Contribute to the development and continuous improvement of OT penetration testing methodologies, service offerings, and best practices.
- Provide strategic insights to management on emerging OT threats, client needs, and opportunities to enhance service capabilities.
- Ensure testing activities align with client risk profiles, contractual obligations, and long-term service objectives.
- Participate in pre-sales discussions by providing technical expertise to support proposals, scoping, and solution design.
- Create and maintain comprehensive knowledge repositories documenting OT vulnerabilities, exploit techniques, vendor-specific security weaknesses, and industry-specific threat intelligence relevant to the utility sector
- Design and implement red team exercises and adversary emulation scenarios that simulate real-world attack campaigns.
Functional
- Perform safe, controlled penetration testing on OT networks, ICS/SCADA systems, PLCs, RTUs, HMIs, and industrial communication protocols for external clients.
- Conduct assessments of network segmentation, firewall rules, access controls, and industrial communication pathways.
- Identify vulnerabilities, misconfigurations, and potential attack vectors while ensuring zero disruption to client operations.
- Produce high-quality technical reports tailored for both technical and executive audiences, including risk ratings and remediation guidance.
- Present technical findings to diverse audiences including C-suite executives, engineering teams, operations management, regulatory compliance officers, and board-level stakeholders, translating complex technical vulnerabilities into business risk language
- Validate remediation actions and conduct re-testing as part of the managed service lifecycle.
- Support incident response engagements by providing exploitation insights and OT threat analysis when required.
- Ensure all testing activities comply with UAE laws, client contracts, and industry standards (IEC 62443, NIST View phone number on click.appcast.io).
Operations
- Deliver penetration testing engagements within agreed timelines, scope, and service-level agreements (SLAs).
- Coordinate with client operations, engineering teams, and plant management to define safe testing windows and boundaries.
- Maintain strict adherence to safety protocols, change-management processes, and client operational requirements.
- Document all testing activities, evidence, and results in accordance with internal and client audit requirements.
- Track and follow up on remediation progress with clients as part of ongoing managed service support.
- Ensure continuous improvement of tools, processes, and testing methodologies used in service delivery.
- Execute wireless security assessments of field communications including radio systems, satellite communications, cellular backhaul, and industrial wireless sensor networks deployed across utility infrastructure
- Perform security validation of cloud and hybrid architectures as utilities increasingly adopt cloud-based analytics, monitoring platforms, and distributed energy resource management systems (DERMS)
People
- Collaborate with internal teams including SOC, OT engineers, service delivery managers, and cybersecurity consultants.
- Provide mentorship and technical guidance to junior penetration testers and analysts within the managed service team
- Conduct knowledge-sharing sessions, workshops, or awareness programs for clients on OT security risks and best practices.
- Communicate complex technical findings clearly and professionally to both technical and non-technical client stakeholders.
- Promote a culture of safety, professionalism, and client-centric service delivery within the team.
Business Strategy
- Support the company’s managed security services growth by delivering high-quality, client-satisfying penetration testing engagements.
- Provide input to enhance service offerings, pricing models, and value-added capabilities based on client feedback and market trends.
- Ensure testing activities support client business continuity, operational reliability, and regulatory compliance.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, Electrical Engineering, Control Systems Engineering, or a related technical discipline.
- Preferred professional certifications:
- ICS/OT Security: GICSP, GRID, ISA/IEC 62443 Cybersecurity certifications
- Offensive Security: OSCP, OSWP, OSCE, OSEP
- Penetration Testing: CEH, CPT, GPEN, GXPN
- Additional OT-focused training or vendor certifications (e.g., Siemens, Schneider, ABB, Honeywell, Emerson) are highly advantageous.
- Strong working knowledge of industry standards and regulatory frameworks including:
- IEC 62443
- NIST SP View phone number on click.appcast.io
- UAE cybersecurity frameworks (NESA, DESC, TDRA)
Experience
- 8–10 years of hands‑on experience in penetration testing, vulnerability assessment, or red team operations.
- Minimum 3 years of direct experience within OT/ICS/SCADA environments, preferably in utilities, oil & gas, manufacturing, or other critical infrastructure sectors.
- Proven experience conducting safe and controlled security assessments across:
- ICS/SCADA networks
- PLCs, RTUs, and HMIs
- Industrial protocols (Modbus, DNP3, OPC UA, Profinet, etc.)
- Experience delivering managed security services or consulting engagements in client‑facing environments
Language Requirements
- Fluent in English (spoken and written) – essential for client communication and technical reporting.
- Arabic proficiency is an advantage, particularly for UAE government and semi‑government engagements.
Job‑Specific Skills
Technical Competencies
- Strong understanding of OT/ICS architectures, industrial networking, and control system components.
- Advanced expertise in penetration testing methodologies, tools, and techniques (manual and automated).
- Ability to perform:
- Network penetration testing
- ICS protocol analysis
- Firewall and network segmentation assessments
- Wireless security testing
- Secure configuration reviews
- Strong awareness of OT-specific risk factors including safety impact, operational continuity, and system availability.
- Familiarity with SIEM platforms, SOC processes, and OT-focused incident response practices.
Soft & Professional Skills
- Strong analytical and critical thinking capabilities.
- Excellent communication, stakeholder management, and presentation skills.
- Ability to operate effectively in high-risk, safety-critical environments.
- Strong documentation and technical reporting skills.
- Ability to collaborate with cross‑functional teams (OT engineers, SOC teams, governance, and operations).
- High level of professionalism, discretion, and compliance with UAE legal and regulatory requirements.
Core Competencies
- OT Cybersecurity Assessment & Testing
- Red Team & Advanced Penetration Testing
- Industrial Network Security
- Regulatory & Compliance Alignment (UAE Frameworks)
- Client Advisory & Technical Reporting
- Risk-Based Security Assessment
- Cross-Functional Collaboration in Critical Infrastructure Environments
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the OT Penetration Tester in Dubai vacancy
- A leading cybersecurity firm in Dubai is seeking an experienced OT Penetration Tester with strong expertise in wireless communication networks, particularly GSM and RF Mesh in AMI/Smart Grid environments. The role focuses on evaluating security and performance of wireless...
- ...Role Overview We are looking for a highly specialised OT Penetration Tester with strong experience in wireless communication networks (GSM and RF Mesh) within AMI / Smart Metering environments . This role focuses on black-box security testing of OT networks...
- A technology security firm in Dubai is seeking an experienced OT Penetration Tester to evaluate and enhance the security of wireless communication networks, particularly within Advanced Metering Infrastructure (AMI) environments. The ideal candidate will have over 5 years...
- A leading cybersecurity firm in Dubai is seeking an OT Penetration Tester to assess and enhance the security of Operational Technology environments. The successful candidate will design testing methodologies, perform assessments on ICS/SCADA systems, and communicate findings...
- A leading technology firm in Dubai is seeking a highly specialised OT Penetration Tester with extensive experience in wireless communication networks. The role involves black-box security testing of OT networks within AMI/Smart Metering environments, focusing on validating...
- ...Job Overview We are seeking an experienced OT Penetration Tester with strong expertise in wireless communication networks , particularly GSM and RF Mesh , within AMI / Smart Grid environments . The role focuses on evaluating the security, resilience, and...
- ...Dicetek LLC | Posted Jan 16 Contract Dubai Negotiable Unknown Responsibilities Perform penetration testing and vulnerability research on complex proprietary software, hardware, and client service environments. Identify and assess vulnerabilities in...
- ...SupportFinity™ is seeking a skilled penetration tester based in Dubai. The role involves conducting vulnerability assessments and penetration tests on complex systems, alongside enhancing security practices for digital services. Candidates should possess certifications...
- Netsentries is seeking Penetration Testers/Offensive Security Consultants in Dubai to work on security assessment projects for large enterprises. Candidates should have strong skills in performing various security assessments and a passion for cybersecurity. The ideal applicant...
- ...DTS Solution in Dubai is seeking a Penetration Testing Consultant / Cyber Security Analyst specializing in red team operations. The role involves managing penetration testing, vulnerability scanning, and threat simulation projects to enhance security. The ideal candidate...
- A leading technology security firm is seeking a highly specialised OT Penetration Tester with strong experience in wireless communication networks within AMI/Smart Metering environments. The ideal candidate will perform black-box penetration testing, validate secure communication...
- ...Penetration Testers/Offensive Security Consultants (Associate / Consultant / Senior / SME) at NetSentries get exciting opportunities to work... ...applications Perform assessments of wireless networks and OT assets/components Perform security assessment of cloud environments...
- ...A healthcare facility is seeking a compassionate and skilled OT Registered Nurse to join its operating room team. This role is focused on delivering high-quality perioperative nursing care and supporting surgical teams in maintaining safe and efficient operating theatre...
- ...We are hiring experienced QA testers to support integration and end-to-end testing across Oracle Fusion ERP, OIC integrations, WMS, CRM, EDI and related extensions. This is a hands-on execution role focused on structured test execution, defect logging, and validation...
- TeamViewer provides a leading Digital Workplace platform that connects people with technology—enabling, improving and automating digital processes to make work work better. Our software solutions harness the power of AI and shape the future of digitalization. We believe...
- ...About the Role: We are looking for a Digital Platform Usability Tester to assess the functionality, accessibility, and ease of use of online platforms. Your insights will help companies optimize their websites and apps for a smoother user experience. This is a remote...
- Responsibilities Test IXL questions for typos, formatting issues, and mathematical errors Verify that digital questions match their original designs Record grading bugs and visual issues Collaborate with curriculum designers to meet project deadlines Requirements...
- ...design fixes, and patches Perform system load tests for new products to ensure stability Manage and train apprentices, junior testers, and new developers Work with quality technicians to document quality processes for replication across locations Manage...
- ...Automation Tester We are seeking a highly skilled QA Automation Engineer with a minimum of 4 years of experience in automation testing. The ideal candidate should have a strong technical background and experience in developing and maintaining automation scripts for...
- ...Location: Dubai, UAE / Chennai Experience: 5+ Years Role Overview: We are looking for Finacle Automation Tester with strong expertise in Finacle 11X Core Banking testing and automation. The role involves validating end-to-end banking workflows across Core...
- ...Position: ABA Therapists / Speech Therapists / Occupational Therapists (OT) Date Posted: July 1, 2026 Industry: Education / Early Childhood Education / Healthcare & Therapy Employment Type: Full Time Experience: Not Specified Qualification: Relevant Degree...
- ...We are seeking a skilled Penetration Tester with strong experience in CI/CD pipeline security to identify assess and mitigate security vulnerabilities across applications infrastructure and automated deployment environments. The role focuses on proactive security...
- ...Overview of the role This role is responsible for leading cybersecurity design, implementation, and assurance across complex OT and critical infrastructure environments. The position ensures that security is embedded throughout the project lifecycle, from architecture...
- ...cybersecurity professional to lead the design, implementation, and assurance of cybersecurity controls across critical infrastructure and OT environments. The role requires extensive experience in OT cybersecurity and will involve ensuring compliance with regulatory...
- 1. POSITION OVERVIEW We are seeking a qualified Occupational Therapist to provide in-home therapy services for a 3-year-old child in Jumeirah Village Circle (JVC), Dubai. The primary objective is to support the child's motor development, independence in daily activities...
- ...Position: Operating Theatre Registered Nurse (OT RN) Date Posted: June 29, 2026 Industry: Healthcare / Medical / Day Care Centre Employment Type: Full Time Experience: Minimum 2 Years of Operating Theatre Nursing Experience in Abu Dhabi/UAE Qualification...
- HumLog is seeking a driver for operations in Dubai. The role involves safely operating a 3-ton light vehicle for food product transportation, ensuring timely deliveries, and maintenance of the vehicle. Candidates should have at least 1 year of driving experience, knowledge...
- ...D4 Insight in Dubai is seeking a Finacle Automation Tester to validate end-to-end banking workflows across Core Banking, CRM, Payments, Assets and Liabilities while driving automation in Agile delivery teams. Develop automation frameworks using Selenium (Java) or Playwright...
- ...Position: Operation Theatre (OT) Nurse Date Posted: May 28, 2026 Industry: Healthcare / Medical / Nursing Employment Type: Full Time Experience: Minimum OT Experience Preferred Qualification: DOH Exam Passed or DOH Licensed Nurse Salary: AED 5000...
- ...Penetration Testing Consultant / Cyber Security Analyst – Red Team Full Time Dubai Role and Responsibilities Penetration Testing: manages and conducts internal and external penetration testing. Vets and coordinates 3rd party vendors and the business to deliver...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to OT Penetration Tester. Be the first to apply!


