Associate Principal Consultant - ICS/OT Cybersecurity

Dragos

5h•Remote

About The Position

Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world! About the Role: As an Associate Principal Consultant on the Professional Services team, you will lead complex cybersecurity engagements that help industrial organizations strengthen and mature their OT security programs. Your focus will be on delivering architecture reviews, threat assessments, tabletop exercises, and other advisory services across key ICS/OT sectors including oil and gas, electric, water treatment, and manufacturing. You will translate deep technical insight into practical, strategic guidance for engineering, operations, and executive stakeholders. You will also mentor team members, contribute insights that inform platform and research advancements, and represent the Dragos mission through customer and community engagement.

Requirements

7+ years of hands‑on cybersecurity experience, including delivering professional services or consulting engagements in customer environments.
Deep expertise in ICS/OT cybersecurity, including OT system architectures, risks, threats, vulnerabilities, and relevant frameworks and standards.
Direct, practical experience operating in ICS/OT environments (eg., asset owner, industrial plant, or operator setting).
Strong technical proficiency with OT assets (e.g., PLCs, HMIs, RTUs), OT networking protocols (e.g., Modbus, DNP3), and security analysis tools (e.g., Zeek/Bro, Wireshark).
Demonstrated ability to collect and analyze network and host data to baseline environments, validate expected state, and identify malicious or anomalous activity.
Excellent written and verbal communication skills, including producing high‑quality customer reports and presenting complex technical findings to diverse audiences.
Willingness to support Dragos Services growth through thought leadership and SME outreach and to travel for onsite engagements as needed (approximately 30%).

Responsibilities

Lead ICS/OT Cybersecurity Professional Services Engagements including architecture reviews, compromise assessments, and tabletop exercises for customers across various verticals including electric, oil and gas, water treatment, and manufacturing.
Serve as the primary point of contact and SME for consulting clients, providing expert guidance while building strong relationships.
Deliver findings and recommendations documentation at the end of each engagement (this includes presenting to customers and addressing questions and concerns).
Perform Scope of Work (SOW) reviews, Rules of Engagement (ROE) development, and other documentation-related tasks.
Turn insights from customer engagements into research and innovation projects to fuel Dragos technology advancement (i.e., training material, Dragos Platform playbooks, etc.).
Support the larger community and represent Dragos through outreach efforts such as webinars, whitepapers, and conference presentations with novel content and ideas.
Mentor teammates and be a leadership resource for the professional services organization.