OT Consultant - Lisbon

Sysmatch is an IT Consultancy and Outsourcing , resulting from the accumulation of know-how and the experience of our consultants, allowing the implementation of solutions adapted to the needs of our clients, privileging their robustness and scalability.

More than two decades in the IT market, we present ourselves as a flexible, adaptable, innovative and forward-looking Company.

At the moment we are looking for the following candidate:

OT Consultant

Tasks and Responsibilities:

• Design and implement the operational PSIRT vulnerability lifecycle: intake, triage, risk assessment, remediation tracking, disclosure, and closure.
• Lead vulnerability triage and risk assessment activities: exploitability analysis, product/system exposure, operational impact evaluation, and mapping CVE/CVSS data to engineering remediation priorities.
• Define and operationalize severity assessment frameworks that combine CVSS scoring with contextual impact modifiers (safety, reliability, regulatory exposure, operational risk).
• Create practical triage workflows, prioritization criteria, escalation models, and decision frameworks that balance remediation urgency with business and engineering constraints.
• Advise on tooling and workflow architecture (ServiceNow VM or equivalent, vulnerability management platforms, SIEM/SOAR integration), including ticket/state life-cycles, metadata schemas, and handover points to engineering.
• Define required metadata and taxonomy: product lineage, firmware versions, asset hierarchies, ownership, exploitability flags, event/incident taxonomies.
• Develop PSIRT process artifacts: SOPs, triage playbooks, classification criteria, RACI models, escalation trees, remediation SLAs, disclosure workflows, and regulatory notification procedures.
• Coordinate integration points with SOC, SIEM/SOAR pipelines, DevOps, R&D engineering, product security, and operations; design alert triggers and remediation handoff processes.
• Support tooling configuration and rollout: data model requirements, required fields, escalation triggers, dashboards, metrics, and audit evidence requirements.
• Translate strategic PSIRT frameworks into executable operational practices and backlog-integration models (SLAs, remediation prioritization, engineering backlog handover).
• Provide training, onboarding, and knowledge transfer to internal teams or local delivery leads; act as subject-matter authority for PSIRT operational questions.
• Monitor and continuously improve PSIRT KPIs, dashboards, and post-incident/lessons-learn processes.

Hard Skills:

• Deep domain expertise in PSIRT, product security, or pre-CERT operations, preferably with exposure to industrial products, embedded/OT/IoT, safety-critical systems, or complex software products.
• Strong practical experience in vulnerability triage, CVE analysis, exploitability assessment, and prioritized remediation planning.
• Proficiency applying CVSS and building severity models that incorporate contextual modifiers (safety, regulatory, operational impact).
• Tooling experience: ServiceNow Vulnerability Management (preferred) or Kenna, Tenable, Qualys, Jira-based workflows, or equivalent vulnerability management platforms.
• Ability to design data models and metadata taxonomies for vulnerabilities, assets, firmware/product lineage, and ownership.
• Familiarity with SOC/SIEM/SOAR interactions and designing alert-to-PSIRT pipelines.
• Experience translating security processes into engineering backlog models, SLAs, and remediation tracking mechanisms.
• Competence in creating operational documentation: SOPs, playbooks, RACI matrices, escalation flows, and disclosure/regulatory workflows.
• Capability to define metrics, dashboards, and audit evidence requirements for governance and compliance.

Soft Skills:

• Strong stakeholder management and influence across security, engineering, operations, and product teams.
• Excellent analytical skills and attention to operational detail.
• Ability to translate strategic direction into pragmatic, repeatable operational practices.
• Clear communicator and effective technical writer for playbooks, SOPs, and tooling requirements.
• Consulting mindset: adaptable to distributed leadership and collaborative delivery models.
• Coaching and mentoring capability to upskill delivery teams and engineers.
• Fluent English; additional local language fluency is beneficial where applicable.