Principal Industrial Consultant (Cyber Risk Advisor)

Remote - USA /
Threat Operations Center – Global Services /
The Dragos Global Services team serves as industry-leading experts in solving industrial control system security challenges. We then bring that expertise back and integrate it into our software technology: The Dragos Platform.

We're looking for individuals with experience in cyber risk management to provide clients with tactical and strategic recommendations to improve the security posture. Candidates will work with operational technology (OT) environments across a variety of critical infrastructure sectors including electrical power, manufacturing, chemical, oil & natural gas, pharmaceutical, and food & beverage facilities.

Ideal candidates will understand how industrial processes work, how they can be attacked, and how defensive postures can be improved. Moreover, as a Cyber Risk Specialist, each team member is expected to develop professional consulting solutions across various workshops and client engagements. Candidates will be working with US and international customers and directly contributing to Dragos' research and development efforts.


    • Serve as a subject matter expert on a team designing and implementing cyber risk client services. Additionally support the existing library of Dragos professional services, including architecture reviews, tabletop exercises, and security assessments in industrial environments. These engagements include a range of tasks such as workshop facilitation, documentation review, network configuration review, crown jewel analysis, and incident response preparation. Tasks cover the entire lifecycle of global services engagements (from kick-off to final reports) as well as leading multiple concurrent projects
    • Lead both internal and client-facing tasks, projects, or engagements, as needed
    • Lead research and innovation projects to fuel Dragos technology advancement. This includes the governance, risk, and compliance (GRC) or other integrated risk management (IRM) topics that can be added to dashboards and reports
    • Ability to learn, adapt, and eventually complete Dragos Platform workflows for client engagements
    • Actively improve and refine existing workflows, and run books and procedures, incorporating lessons learned from active engagements with a keen eye for operational optimization
    • Leverage hands-on cybersecurity and assessment experience to facilitate and lead active customer engagements
    • You will own the final delivery of customer engagement reports including verbally presenting findings and acting as an escalation point for customer questions and concerns
    • Lead and author various outreach and thought-leadership projects including webinars, white papers, and conference presentations
    • Perform data collection and analysis tasks
    • Serve as a mentor for fellow team members


    • Proven ability to safely perform risk assessments and consulting of industrial environments.
    • Hands-on knowledge of industrial environments including PLCs, RTUs, instrumentation, and the industrial processes they sustain
    • Visibility and communication regarding industrial cyber risk across multiple audiences, including engineering, operations, and executive leadership
    • Previous experience with system administration, networking, system hardening, and remote access techniques within operational technology environments
    • 7+ years of OT-related cyber risk experience and a desire to continuously learn more about industrial control systems, devices, instrumentation, and communications protocols
    • Ability to research and recommend prioritized, cost-effective mitigations for risk, safety, or security to networks and devices
    • Ability to contribute to high-quality reports that directly support customer and engagement success criteria


    • Base Salary: $160,000
    • Base + Benefits + Equity = $260,000
    • Comprehensive benefits plan (medical, dental, vision, disability, life insurance, 401K with match)
    • Equity at Dragos is quickly growing and the total compensation under-represents the future growth and refresh program. This will be discussed on the first call with the Dragos recruiter.
Dragos is the Industrial Cybersecurity expert on a relentless mission to safeguard civilization. In a world of rising cybersecurity threats, Dragos protects the most critical infrastructure – those that provide us with the tenets of modern civilization – from increasingly capable adversaries who wish to do it harm. Devoted to codifying and sharing our in-depth industry knowledge of ICS/OT systems, Dragos arms industrial defenders around the world with the knowledge and tools to protect their systems as effectively and efficiently as possible. Founded by world-class industrial intelligence experts, Dragos has the industry’s largest team of ICS/OT practitioners who have been on the front lines of the world’s most significant industrial cyber-attacks.
Diversity, Equity, and Inclusion are core values at Dragos, and we are passionate about building and sustaining an inclusive and equitable working environment for all. We know that every member of our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and discover, design, and deliver solutions. Not only does a Diversity, Equity, and Inclusion focus enrich our environment and teams, but it is also critical to our success as we defend against adversaries all over the world. The broad range of ideas, experiences, and perspectives is critical to our success.
Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment including annual and client-requested ad hoc drug screens.