Details about the role
WOTOS Europe – is an industrial cybersecurity consulting company looking for a Cybersecurity Consultant in GRC within an OT/ICS environment to help manufacturing organisations increase the security maturity and resilience of their systems.
You’ll be the organisation’s security focal point and translator – the central contact who aligns a broad group of stakeholders and helps drive activities. You’ll combine technical understanding of systems, a security mindset, strong organisational and documentation skills, and daily communication.
Location: Remote / Hybrid within Estonia.
Employment type: Full-time preferred; strong part-time (80%) candidates considered. Long-term contract, at least one year.
Language expectations: Working language – English; fluency in Swedish, German or Ukrainian are a plus
Expectations for the candidate
Responsibilities
- Lead a security maturity engagement, document, track and coordinate activities in related security areas
- Support Business Impact Analysis (BIA), Disaster Recovery Plans (DRP), disaster recovery tabletop exercises, risk assessments, etc
- Supply chain security: support procurement with requirements and vendor/security assessments
- Coordinate stakeholders (engineering, operations, IT, procurement, management) and inform management of progress and needs
Advanced scope (if you have the experience)
Your responsibilities can be extended towards a Security Advisor role, supporting solution architects with reviews of system architecture and realistic failure/attack scenarios
What we’re looking for (must-have)
- Practical cybersecurity background (work experience, education, certifications, and/or relevant activities)
- Structured documentation skills (you can produce clear, well-maintained, and timely updated documentation)
- Understanding of risk assessment concepts and how technical weaknesses translate to business impact
- Threat-modelling mindset (how systems can be misused)
- Strong communication, facilitation, and presentation skills: you can lead workshops and facilitate balanced, effective discussions. You are positive, kind and confident in your work.
- Ability to explain and educate others, especially non-technical people
Nice to have
- BIA / DRP / tabletop exercise experience
- Experience conducting security assessments
- Industrial/OT context (manufacturing environments, legacy systems, vendor ecosystems)
- Familiarity with standards/regulation (e.g., IEC 62443, NIST 800-82, NIS2)
- Project management experience
You are NOT expected to
- Be the sole owner of compliance or work alone without support – engagements are delivered with a team and stakeholder input
- Perform hands-on penetration testing/red teaming / own day-to-day IT administration / program
You’re a good fit if
- You have a strong security mindset
- You enjoy being the “security translator” between technical and non-technical teams
- You are a people’s person
- You can stay organised with lots of inputs and still produce clean outputs
Pro tip: We value honesty and self-awareness: be clear about what you’ve done, what you know well, and what you’re still learning.
Looking forward to hearing from you – apply here and we’ll get back to shortlisted candidates.
Opportunities
You'll get an opportunity to work at an international engineering company with manufacturing sites and their environments in Europe. It is a unique opportunity to lead the improvement program in security on those sites and work shoulder to shoulder with security experts that would support you in this journey.
Applying for a job
One can apply until the end of the application period.