Our goal is to revolutionise the safety and resilience of machine-to-machine communications of the future. With 1 trillion connected devices by 2025, the cyber security threat will increase exponentially. Our innovative technology creates trust between devices to allow secure communication over untrusted networks. To achieve our goal we’re growing our talented, international team. We aim to combine the best business and technical brains, to create breakthroughs at the forefront of technology.

Location: Belfast or London

The Role

We are looking for a Cyber Security Analyst specialised in IT/OT red team assessments. You will help us develop the reliability and security of our ground-breaking hardware and software authentication and encryption product. You will advance our knowledge and expertise in cyber risk assessments and mitigation control, incident response and secure architectures.

You will report to the CTO and Engineering Lead. Some responsibilities include:

•  Developing IT/OT cyber security assessment approaches to ensure pro-active identification of threats and attack vectors in line with NIST 800-53

• Prepare, review and assess the low-level and high-level design for IT/OT environments in line with industry best practice and international standards/guidelines, like ISA 99/IEC 62443, NISTIR 8183, NISTIR 8259, Enisa Good Practices for Security of IoT, PAS 1885:2018, and ISO21434

• Review and assess the architecture and design of our IT/OT communication authentication and encryption solutions

• Identify and highlight areas of concerns in the design, and suggest risk mitigation controls and recommendations to the engineering and development team

• Maintain familiarity with relevant legislation and regulation to IT/OT cyber security, digital forensics and incident response

• Reviewing security tools, processes and procedures to assist in testing the robustness of current and developing systems

• Identify and develop research into future attack vectors for IT/OT systems

• Provide technical assistance and advice to the engineering team and the sales team where necessary

• Deliver high-quality technical analysis, reports, and presentations to senior management

The Person

• Solid working experience in conducting cyber security assessments and implementing risk mitigation controls for IT/OT systems

• Solid knowledge of OT/IT security best practices applied in red team assessments and exercises

• Good knowledge and understanding of threat hunting strategies for IT/OT environments

• Good knowledge and experience of IT/OT cyber incident response, cyber kill-chain, and the Mitre ATT&CK framework

• Proven ability of designing, implementing and reviewing IT/OT security assessments and incident response plan

• Good understanding of protocols common within IT/OT (e.g., MODBUS, DNP3, S7, OPC. HTTP, SMB, DNS etc.)

• Good understanding of technical design considerations with emphasis on operational safety

• Proven experience (4-6 years) of working in a security role, focused on assessing cyber security risks for IT/OT systems and recommending viable security controls to mitigate against the risks

• Applicable knowledge and experience in one or more of the following industries: Nuclear, Electricity distribution, Rail, Utilities and Defence.

• Good experience in engineering security solutions for real-time and/or performance-sensitive systems is a bonus

• Qualified to at least an MSc degree in cyber security, industrial systems, computer science, or a related field

• Certifications such as Security+, Network+, SSCP, CCNA, GSEC, OSCP are a bonus

• Proven ability to rapidly interpret technical and business requirements and understand complex trade-offs in drawing conclusions and recommendations

• Proven ability to engage and work with other technical experts and incorporate their input and feedback

• Proven ability to communicate complex topics clearly and concisely

• Excellent verbal and written technical English communications skills

Why you should apply

• Competitive salary

• Flexible working hours

• 25 days holiday, plus all bank holidays

• Personal growth and career progression opportunities (e.g. develop your technical skills, attend cyber security conferences and industry events, and mentoring – just to name a few!)

• Friendly, open and transparent culture

• You'll get to join a passionate VC backed start-up, and be able to help shape its growth from the get-go

• Plus perks such as team events and more!

Angoka is an Equal Opportunity Employer. We welcome and encourage applicants from all backgrounds and experiences. We do not tolerate discrimination or harassment.  

At Angoka, all our hiring decisions are based on business needs, job requirements and individual qualifications, and we are committed to creating an inclusive culture that supports and represents our diverse society.