Principal Consultant, Industrial Offensive Security

Are you motivated by strengthening how industrial organizations protect their critical systems, products, and operations in an increasingly connected world? Do you thrive at the intersection of strategy and execution, helping clients understand cyber risks and build defendable security postures in complex industrial environments?

Etteplan is strengthening its Advisory capabilities and is now looking for a Principal Consultant, Industrial Offensive Security. In this role, you will shape early-phase client engagements and guide organizations from security strategy and risk understanding to secure-by-design, implementable solutions across IT and OT environments.

Etteplan is a fast-growing, global technology service company, partnering with organizations across industries to solve complex challenges through engineering, innovation and digitalization.

Your role

As a Principal Consultant, Industrial Offensive Security, you operate at the intersection of security strategy, industrial domain expertise, and applied cyber defense. You lead early-phase engagements, helping clients identify risks, assess cyber maturity, and define clear priorities and roadmaps for improving security across digital, IT, and OT environments.

You help organizations balance strategic security direction with practical defensive and assessment activities, supporting customers in reaching a defendable security state and building the capability to continuously protect and adapt their environments.

You act as a trusted advisor to senior stakeholders and ensure continuity from advisory work into implementation. In addition to client work, you contribute to sales, offering development and the long-term growth of Etteplan’s industrial cybersecurity capabilities.

Your main responsibilities include
– Leading discovery, framing, and direction-setting engagements related to cybersecurity and digital security. – Supporting sales with insight and credibility in pre-sales and client discussions. – Identifying and articulating cyber risks, threats, and vulnerabilities in industrial IT/OT environments. – Applying offensive security, threat modeling, or architecture review approaches to inform strategic security decisions. – Advising clients on secure-by-design principles and defendable security architectures. – Acting as a trusted, consultative partner across executive, operational, and technical stakeholders. – Ensuring smooth transition from advisory work into implementation phases. – Contributing to the development of industrial cybersecurity services and security first ways of working.
Preferred locations for this role include Espoo and Tampere in Finland; Stockholm, Linköping, and Gothenburg in Sweden; Copenhagen in Denmark; and Amsterdam in the Netherlands. The role offers opportunities for international collaboration, and some travel may be required.

Your profile and ways of working

You are a senior advisor who combines strategic thinking with deep expertise in industrial cybersecurity and digital security. You are comfortable operating in complex, highrisk environments and bring clarity grounded in both security realities and industrial constraints.

An ideal candidate will have
– 8+ years of experience in security consulting, cyber defense, offensive security, or similar client-facing roles. – Strong experience with cybersecurity in industrial, energy, defense, critical infrastructure, or other regulated environments. – Deep expertise in one or more areas such as offensive security, penetration testing, vulnerability discovery, industrial cyber defense, or secure architectures. – Experience with IT/OT environments, security modernization, or technologyenabled transformation initiatives. – Ability to apply security depth selectively in advisory contexts (e.g. risk identification, threat modeling, architecture review) without shifting into delivery execution. – Excellent communication skills across executive and operational levels. – A securityfirst, AI-enabled mindset with a strong focus on business and operational impact. – ·A relevant educational background, such as an MSc. in Cybersecurity, Information Technology, Computer Science, or a closely related field.
What to expect

You will join a group of senior business consultants with wide understanding of industrial customers and their needs. In this central role, you will be shaping how Etteplan helps customers secure industrial systems, products, and services in an increasingly digital and connected world. We frame security challenges, assess maturity, and define roadmaps that bridge strategic oversight and practical cyber defense – including the secure use of AIenabled systems, automation and datadriven operations in industrial and OT/IT environments.

Sounds like the right opportunity for you?

Apply through our recruitment system latest by the 15th March, 2026. Please note, we will review applications already during the application period. For additional information please contact Harri Saikkonen (harri.saikkonen@etteplan.com).

Tagged as: IT & data communications, Security & safety industry