Security Analyst
Job description
This strategic role sits at the intersection of information technology and operational technology, addressing the unique security challenges that emerge as these traditionally separate domains converge. You will be responsible for conducting original research, threat analysis, and modelling of both industrial control systems and corporate IT infrastructure; identifying attack vectors; and supporting the development of ANGOKA's ground-breaking authentication and encryption products.
Reporting to the Security Lead and working closely with the products and engineering teams, the ideal candidate shall understand that effective OT/IT security requires balancing cybersecurity best practices with operational continuity, safety, and the realities of legacy industrial systems.
This role offers the opportunity for significant learning and professional development, whilst contributing significantly to our growth. This role would be ideal for an early-stage or mid-career professional looking to develop their career in a fast-scaling start-up.
What you will do:
- Conduct vulnerability assessments and penetration testing on IT systems, ICS/SCADA components, PLCs, HMIs, MES systems, remote access solutions, and network infrastructure
- Perform risk assessments for new projects, system integrations, and vendor connections that touch both IT and OT environments
- Design and implement security architectures for converged IT/OT environments, including network segmentation, DMZ design, and secure data flows between corporate and industrial networks
- Evaluate and implement security tools and technologies appropriate for hybrid IT/OT environments
- Monitor and analyse OT network traffic for anomalies, threats, and unauthorised access using specialised ICS security tools
- Research emerging threats, vulnerabilities, and attack techniques targeting IT/OT convergence points
- Analyse malware and threat actor TTPs relevant to industrial environments
- Conduct reverse engineering and vulnerability research on industrial protocols, firmware, and control system components
- Develop proof-of-concept exploits, detection signatures, and defensive countermeasures for identified vulnerabilities
- Build and maintain a research lab environment with representative IT and OT equipment for testing and experimentation
- Publish research findings through internal reports, whitepapers, and external conference presentations (as appropriate)
- Stay current on emerging OT threats, vulnerabilities, and industry best practices; provide recommendations for security improvements
Requirements
We are looking for a results-oriented, experienced OT/IT Security Analyst/Researcher with a can-do attitude to join some of the industry's brightest minds, dedicated to developing hardware and software security and communication solutions for industrial systems.
- 35+ years of experience in IT/OT cybersecurity, with at least 2-3 years of demonstrated expertise in OT/ICS security domains
- Strong understanding of enterprise IT security: network security, Active Directory, endpoint protection, cloud security, and security operations.
- Solid knowledge of SCADA systems, PLCs, DCS, RTUs, HMIs, and industrial network architectures (Purdue Model)
- Strong understanding of industrial protocols (Modbus, DNP3, OPC, EtherNet/IP, Profinet, etc.), and IT protocols (TCP/IP, HTTP/S, SMB, RDP)
- Practical experience with network segmentation, firewalls, and secure remote access in OT environments
- Hands-on experience with security tools across both domains: SIEM, IDS/IPS, vulnerability scanners, and OT-specific platforms, such as Claroty, Dragos, Nozomi, or similar platforms
- Familiarity with relevant security frameworks and standards, like IEC 62443, NIST SP 800-82, NIST SP 800-207, NIST CS, NERC CIP, and MITRE ATT&CK (Enterprise and ICS)
- Proficiency in scripting and automation (Python, PowerShell, Bash) for security analysis and tool development
- Experience conducting vulnerability assessments and penetration testing in sensitive operational environments
- Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field (or equivalent experience)
- Systems thinking with the ability to understand complex interdependencies between IT and OT environments
- Strong analytical and research skills with intellectual curiosity about emerging threats and technologies
- Proven ability to communicate complex topics clearly and concisely.
- Excellent verbal and written technical English communication skills.
- Ability to prioritise and handle multiple tasks and projects at any given time.
- Strong organisational skills with close attention to detail.
- Ability to remain calm under pressure and meet deadlines
Desirable:
- Relevant certifications such as GICSP, GRID, CSSA, CISSP, or vendor-specific ICS certifications
- Experience with reverse engineering tools like Ghidra, IDA Pro, or others
- Background in critical infrastructure sectors: energy/utilities, manufacturing, oil & gas, water/wastewater, transportation
- Experience with cloud security and securing cloud-connected OT environments (AWS, Azure, GCP)
- Knowledge of safety systems (SIS) and safety-security integration challenges
- Prior experience in control systems engineering, automation, or industrial operations
- Experience with SIEM integration for OT environments and security log analysis
- Master's or PhD degree in a relevant technical field