Ethical Hacker - OT Security Consultant

Packetlabs is looking for an OT Security Consultant to own how Packetlabs evaluates risk in sensitive, high-stakes systems where uptime, safety, and reliability cannot be compromised. The OT Security Consultant is a specialized technical role focused on assessing Operational Technology (OT) environments across all industries. This role is about applying deep security judgment to environments where conventional testing approaches are too blunt, and where credibility comes from knowing when to push and when to hold back.

This role requires the rare combination of offensive security instinct and operational restraint. OT environments (industrial control systems, SCADA, and field devices) demand a consultant who can identify real risk without introducing it. You will work directly with clients to understand their environments and deliver findings that improve security posture without disrupting operations. At Packetlabs, you’ll be backed by a team that is deeply committed to technical excellence.   We hold ourselves to a high standard, invest heavily in our team, and give our experts the autonomy and support needed to become leaders in their field. 

What you’ll be doing

• Security Architecture Reviews
• • Perform holistic tabletop reviews covering both technical and non-technical risk across OT environments, without engaging in high-risk manual or automated activity
  • Analyze for areas of negative impact, high risk, and single points of failure (SPOF) within sensitive, legacy networks
  • Apply structured judgment to identify where risk is concentrated and where controls are missing
  • Adapt review depth and approach to the operational realities of each client environment
• OT Risk Identification & Assessment
• • Identify vulnerabilities and weaknesses across Operational Technology environments, including Industrial Control Systems (ICS), SCADA, and field devices
  • Assess legacy and sensitive networks where conventional testing methods carry unacceptable operational risk
  • Distinguish between theoretical and operationally relevant risk to keep findings actionable
  • Prove impact where appropriate, exercising restraint where the environment demands it
• Client Advisory & Program Improvement
• • Support OT clients with security program improvements, identifying which critical controls are needed
  • Refine testing scope collaboratively as engagements proceed and the environment becomes clearer
  • Translate technical findings into guidance that clients can act on across both technical and leadership audiences
  • Build client confidence through credibility, clear communication, and operational awareness
• Methodology & Continuous Improvement
• • Contribute to the maturity of Packetlabs' OT testing methodology and practice
  • Stay current on OT threats, attack techniques, and defensive controls
  • Share knowledge with the broader team to minimize blind spots and strengthen collective capability
  • Help raise the standard of OT security work across the firm

Who you are

• No egos, ever. Egos don't belong at Packetlabs. The more you learn, the less you know. You stay humble, ask questions, and work to help clients improve their security.
• Customer-first mentality. You are an excellent communicator with clients, project managers, and teammates. You are responsive, reliable, and professional throughout every engagement.
• You deliver work that you take pride in. Your work is an autograph of your excellence. You hold yourself to a high standard and it shows in what you produce.
• Digs deeper into every finding. You don't stop until impact is proven, while understanding that restraint is the right call in sensitive OT environments where high-risk activity is not appropriate.
• Comfortable being uncomfortable. You move toward obstacles, not away from them. Consulting is not a typical job and requires adapting to rapidly changing environments.
• Always learning. Cybersecurity changes every day and you keep up because you want to. You are deeply aware of your skillset and committed to improving it.
• Self-motivated and dependable. You take ownership of your work and your outcomes without needing to be managed into them.

What you bring

• A graduate of an Information Security or Computer Science degree program
• Professional qualifications (one or more preferred): GICSP, GRID, GCIP, CSSA, CACE, CISSP, OSCP
• 3+ years experience assessing or operating within OT, ICS, or SCADA environments
• Strong understanding of the operational constraints that make OT testing distinct from IT testing
• Excellent communication skills, with the ability to convey risk clearly to technical and non-technical audiences
• A demonstrated commitment to continuous learning in a rapidly evolving field
• Strong analytical and problem-solving skills, with the ability to work independently in unfamiliar or highly specialized environments

What success looks like

• Clients gain a clear, accurate understanding of their OT risk without any operational disruption
• Findings are credible, impactful, and directly actionable for both technical and leadership audiences
• Engagements are delivered to a consistently high standard with strong client confidence
• Scope is managed well as engagements evolve, with risk surfaced early and clearly
• Packetlabs' OT methodology and practice continue to mature through your contribution
• Clients trust Packetlabs as a partner that understands the stakes of testing sensitive environments

Why us?

• The opportunity to work on high-stakes OT engagements where your judgment genuinely matters
• Receive immediate and ongoing offensive security training, mentorship, and professional development to advance your technical capabilities
• Play a key role in shaping the growth, direction, and methodology of Packetlabs expanding OT practice
• A leadership team that values substance, quality, and disciplined execution
• Collaboration with a highly skilled team of security professionals who are passionate about technical excellence and raising the bar 
• Competitive compensation and growth opportunity
• GRRSP with corporate matching in Canada
• Participation in corporate benefit plans within Canada
• Flexible work environment that empowers employees to do their best work
• Fully remote within Canada or Texas