Role Overview We are looking for a highly specialised OT Penetration Tester with strong experience in wireless communication networks (GSM and RF Mesh) within AMI / Smart Metering environments .
This role focuses on black-box security testing of OT networks , validating communication flows, resilience, and protocol-level vulnerabilities across large-scale distributed infrastructure.
Key Responsibilities 1.
Wireless OT Penetration Testing (Core) Perform black-box penetration testing on RF Mesh and private GSM networks in AMI environments Simulate real-world attack scenarios without access to internal system logic Test communication between smart meters, concentrators, and head-end systems 2.
Functional & Protocol Validation Validate input/output behaviour using: Meter readings Commands Alerts / alarms Verify expected responses such as: Data acknowledgements Error handling Work with protocols: DLMS/COSEM Wireless M-Bus 3.
Network Resilience & Interference Testing Simulate: Signal jamming Node failure Packet loss scenarios Assess: Network recovery Data integrity Stability of multi-hop RF mesh networks Work across frequency bands like: 902–928 MHz (RF Mesh) GSM spectrum 4.
Security & Data Transmission Testing Analyse encrypted communication flows (without decryption) Identify vulnerabilities in: Authentication Data integrity Transmission security Ensure compliance with OT communication standards 5.
Performance & Scalability Testing Conduct stress testing for: High-volume meter data transmission Large-scale AMI deployments Evaluate: Latency Throughput Network congestion handling Mandatory Skills (Non-Negotiable) Strong experience in OT Security / ICS environments Hands-on wireless penetration testing (GSM / RF Mesh) Experience with AMI / Smart Metering systems Knowledge of: DLMS/COSEM protocol Wireless M-Bus Understanding of: RF communication (frequency bands, interference, propagation) Mesh network architecture (multi-hop networks) Good to Have Experience with SCADA / ICS security testing Knowledge of IoT / embedded device security Familiarity with tools for RF analysis / wireless testing