Imagine your customer is a leading industrial component manufacturer, specializing in top-notch manufacturing and transportation equipment. You have ambitious goals: to streamline processes, ensure top-quality certifications for your client’s products, and guarantee cybersecurity. That’s why you come in. Our analysis will bridge any gaps in processes and products, and you will stand by your client as you address these challenges. With our expertise in penetration testing, risk assessment, and independent security evaluation, you will your client in raising their cyber resilience like never before. Your success story? It's written in the certification. Now also imagine the same story, but for products such as vehicles, medical devices, ships, IoT products, network equipment, etc. Doesn’t it sound like an exciting mission?
Todos los posibles candidatos deben leer con atención los siguientes detalles de este trabajo antes de presentar una candidatura.
Bureau Veritas Cybersecurity provides cybersecurity testing, audit, training and certification services covering people, organization, and technology (networks, systems, applications and data). We are expanding our team and that’s why we are looking for an
OT Product Security Consultant
in
Spain.
We have reputable clients and they request expertise to increase their level of cybersecurity. You will be responsible for conducting threat modeling, risk assessments and audits. You will also give advice, training, and support in the areas of cybersecurity, and relevant cybersecurity standards. You will collaborate with companies such as industrial manufacturers and asset owners, vehicle manufacturers and system integrators.
As out OT Product security Consultant you will:
Conduct
independent security assessments and control validation
across industrial products, systems, and supporting processes
Evaluate the effectiveness of
technical and organizational security controls
, leveraging frameworks such as IEC 62443, NIST CSF, EN 50742, UR E27, IEC 81001-5-1, TS 50701
Identify
control gaps and non-conformities
, deliver clear and structured findings, and track remediation activities with clients
Provide expert input on
risk acceptance, exception handling, and risk treatment plans
Support and contribute to
risk assessments
, translating technical risks into actionable mitigation strategies
Perform continuous
security assurance activities
to support compliance with internal policies and external regulatory requirements
Review
system architectures, data flows, and configurations
from a security and assurance perspective
Collaborate with cross-functional teams (engineering, IT, product security, procurement, operations) to
embed security and assurance requirements by design
Participate in
secure design reviews, supplier risk evaluations, and certification readiness activities
Produce high-quality
assessment reports, dashboards, and metrics
to provide clear visibility to stakeholders and leadership
Analyze trends across assessments and incidents to identify
systemic risks and continuous improvement opportunities
Contribute to the development and enhancement of
security assurance methodologies, processes, and tools
, with a strong focus on IEC 62443
You bring to the role, a combination of technical expertise and consultancy mindset with:
Bachelor’s degree in Cybersecurity, Computer Science, IT, Telecommunications or a related field (or equivalent experience)
3+ years of experience in security assurance, compliance, auditing, product security or technical cybersecurity roles and ideally also having worked in
cybersecurity of embedded products
Strong knowledge of industry frameworks such as: IEC 62443, NIST CSF, EN 50742, UR E27, IEC 81001-5-1, TS 50701
Proven experience in conducting security assessments, validating controls, or supporting audits and certification processes
Ability to understand and assess technical architectures, systems, and security controls and their associated risk impact
Analytical mindset with excellent problem-solving skills and attention to detail
Strong communication skills, with the ability to translate technical findings into clear, client‑focused recommendations
Excellent cross functional skills, project management and reporting skills enabling you to follow timelines and deliverables across projects for the client
Comfortable working in an international, client-facing consulting environment involving multiple stakeholders including internal teams, certification bodies etc and also at the client side
Strong verbal and written communication skills in
English
What can you expect from us?
We are an organization with a strong focus on
technical cybersecurity,
delivering high-quality technical services in the field of digital security. You will be part of a team of motivated international specialists, where
knowledge exchange is highly valued.
At Bureau Veritas Cybersecurity, we provide an environment for you to develop your talents and stimulate your professional growth. Together, we work to safeguard the security and integrity of valuable data while facing the challenges of the ever-evolving digital world.
Bureau Veritas Cybersecurity is a fast-growing company with ambitious goals.
You will have the opportunity to grow along with us and shape your career allowing you to become an expert in your field.
In terms of content, we offer you a diverse portfolio of exciting clients and projects. We are part of Bureau Veritas, which means that international opportunities are expanding, both for project work and for advancing your career.
We are also on the lookout for an OT Product Security Consultant who can be based remotely in Spain (with willingness to travel to client etc). xpzdshu
Are you the OT Product Security Consultant we are looking for?
We would love to hear from you. Do you have questions or do you want to submit your CV? You can reach us through
Note: Pre-employment screening, including a Certificate of Conduct (VOG), and assessment are part of the recruitment process.