About Kualitatem
Kualitatem is a global Consulting, Audit and Assurance company specializing in Software Quality Assurance, Information Security, Technology Process Optimization Cloud Infrastructure. Kualitatem is a TMMi Level 5, ISO 9001, ISO 27001 and SOC2 certified company.
Position Summary
We are seeking an experienced Operational Technology (OT) Security Consultant to support a leading manufacturing client in KSA in securing their industrial automation and production environments.
The consultant will be responsible for assessing, designing, and strengthening cybersecurity controls across factory-floor systems, including SCADA, PLCs, robotics, MES, and industrial networks, while ensuring compliance with KSA regulatory requirements and international industrial cybersecurity standards.
• Conduct cybersecurity gap assessments across production lines and plant-floor systems.
Key Responsibilities
• Identify vulnerabilities in PLCs, HMIs, SCADA systems, robotics controllers, and IIoT devices.
• Design and review secure IT/OT network segmentation using Purdue Model.
• Implement Industrial DMZ (IDMZ) and secure remote vendor access.
• Align OT controls with NCA ECC, IEC 62443, NIST SP 800-82, and ISO 27001.
• Integrate OT logs into enterprise SIEM.
• Develop OT-specific incident response playbooks.
• Harden PLCs, SCADA servers, engineering workstations, and industrial firewalls.
• Prepare executive and technical reports with remediation roadmaps.
Required Technical Skills
• Strong knowledge of SCADA, PLCs, DCS, Robotics, and MES systems.
• Experience with industrial protocols: Modbus, OPC/OPC-UA, PROFINET, EtherNet/IP.
• Industrial network segmentation and firewall configuration.
• Familiarity with OT monitoring tools (Nozomi, Claroty, Dragos preferred).
Experience Requirements
• Minimum 5+ years in cybersecurity.
• At least 3 years in OT/ICS security.
• Experience in manufacturing plant environments.
• Exposure to KSA regulatory requirements preferred.
Certifications (Preferred)
• GIAC Global Industrial Cyber Security Professional (GICSP)
• ISA/IEC 62443 Cybersecurity Certification
• Certified SCADA Security Architect (CSSA)
• CISSP / CISM
• ISO 27001 Lead Implementer / Auditor
Additional Competencies
• Production downtime risk analysis.
• Safety implications of cyber incidents.
• Business continuity planning for production lines.
• Vendor cybersecurity governance.
• Secure onboarding of new machinery and automation systems.
Key Deliverables
• OT Security Gap Assessment Report
• Compliance Mapping (NCA ECC / IEC 62443)
• Network Segmentation Architecture
• Risk Register
• OT Hardening Standards
• Incident Response Playbook (Manufacturing-specific)
• Remediation Roadmap
Location & Industry
Location: Kingdom of Saudi Arabia (Onsite)
Industry: Manufacturing / Industrial Production