OT/ICS · NIS2 · SMART INFRASTRUCTURE

OLEG GUMENIUC

OT/ICS Security Consultant
SOC Engineer · NIS2 Specialist
OT/ICS SECURITY · NIS2 COMPLIANCE · UK MANUFACTURING · SOC ENGINEERING · UK-BASED · GSEC CERTIFIED

I help UK manufacturers understand and reduce their OT/ICS cyber risk — from the outside in, before attackers do. Former CNC programmer turned security professional: I've stood next to the machines I now protect.

01 — BACKGROUND

Not just another security consultant.

My path into cybersecurity started on the factory floor. I spent years as a CNC programmer and precision engineer, working with the exact kind of industrial control systems that attackers target today — Siemens, Fanuc, Haas. I understand the physical consequences of a compromised PLC, not just the theoretical ones.

That background led me into enterprise security operations — running detection and response across complex, multi-site environments with significant OT exposure. I've led OT security initiatives from scratch: scoping, vendor evaluation, sensor placement design, and IEC 62443 gap mapping against live industrial environments.

"Most consultants have never stood next to a running CNC machine. I have — and I know what 'downtime' actually costs."

I work with UK manufacturers and industrial operators to identify and reduce OT/ICS risk — combining hands-on engineering instinct with enterprise-grade security methodology. No large firm overhead, no junior consultants on your site.

  • ICS · HANDS-ON OT/ICS BACKGROUND
  • NIS2 · EU 2022/2555 · APPLIED IN ROLE
  • SOC · ENTERPRISE DETECTION & RESPONSE
  • UK-BASED · REMOTE & ON-SITE

CNC & Precision Engineering · DIFFERENTIATOR
Years of hands-on experience programming and operating CNC machines. Understands OT environments from the inside — not just network diagrams.

SOC Engineering · CURRENT ROLE
Daily operations across an enterprise SIEM, AI-powered NDR, XDR, and email security gateway. Alert triage, log analysis, incident response, PowerShell automation.

NIS2 & OT Security Leadership · ACTIVE · IN ROLE
Leading OT security initiatives: OT visibility platform PoV, sensor placement design, IEC 62443 applied in live industrial environments, NIS2 Art.21/23 compliance programme.

Certifications & Professional Standing · GSEC ACTIVE
GSEC (active) · CySA+ (in progress) · GICSP & IEC 62443 practitioner (roadmap). Pursuing CIISec MIISec membership and UK Cyber Security Council registration — establishing formal professional standing in the UK cyber community.

02 — WHAT I DO

Services.

PRIORITY · 01 · OT/ICS Security Assessment
Full-scope security review of operational technology environments. Network architecture, segmentation analysis, protocol exposure, asset inventory.
  • Purdue model gap analysis
  • OT network segmentation design
  • Protocol exposure assessment
  • OT visibility platform PoV support
  • Remediation roadmap
NIS2 · 02 · NIS2 Outside-In Assessment
Zero-touch presales intelligence. I show you what attackers already know about your perimeter — before any engagement begins. No client access required.
  • Shodan attack surface mapping
  • Subdomain & shadow IT discovery
  • CVE exposure on perimeter
  • NIS2 Art.21 / Art.23 scoring
  • Executive PDF report
03 · Smart Buildings & BMS Security
Building Management Systems are increasingly connected and increasingly targeted. BACnet, Modbus, KNX — I assess and secure the IT/OT convergence layer in modern facilities.
  • BMS network exposure review
  • BACnet / KNX / Modbus audit
  • HVAC & physical access control
  • IT/OT boundary segmentation
  • NIS2 Essential Entity scoping
04 · SOC Capability Review
Is your SOC actually detecting OT threats? I review detection coverage, SIEM rules, and alert quality specifically for industrial environments.
  • SIEM use case review (OT focus)
  • AI-powered NDR / XDR coverage gap
  • OT-specific alert logic
  • MITRE ATT&CK for ICS mapping
  • Detection engineering
05 · NIS2 Compliance Programme
End-to-end NIS2 gap analysis and evidence building for Essential and Important Entities. Art.20, Art.21, Art.23, Art.32 — structured and audit-ready.
  • Scope & classification advice
  • Art.21 controls mapping
  • TTN / incident reporting process
  • Vendor & supply chain audit
  • Board-level reporting pack
06 · Virtual CISO / Advisory
Fractional security leadership for manufacturers and infrastructure operators who need senior cyber expertise without the full-time headcount.
  • Strategic security roadmap
  • Board & C-suite briefings
  • Vendor selection support
  • Incident response planning
  • Security awareness programme
03 — FIELD EVIDENCE

Work that speaks for itself.

The following assessments were conducted using public OSINT sources only — no client authorisation required. Each represents a real organisation with real exposure, presented here in anonymised form.

MANUFACTURING · OT
Global bearing manufacturer · 50k+ employees
NIS2 SCORE: 61%
161 CVEs on Public Perimeter
Outside-in OSINT scan revealed significant attack surface across global manufacturing infrastructure — OT-adjacent systems and unmanaged subdomains.
  • CVEs DETECTED: 161
  • SUBDOMAINS FOUND: 327
  • EXPIRED CERTS: 149
  • ART.21E SCORE: 60%
→ Art.21d shadow IT · Art.21e patch gap · Art.21f CVE backlog identified

MANUFACTURING · BMS
Precision components manufacturer · UK/EU
NIS2 SCORE: 73%
14 Services Exposed Behind CDN
CDN masking created false sense of security. Direct IP enumeration revealed 14 exposed services including OT-adjacent management interfaces.
  • EXPOSED SERVICES: 14
  • CDN BYPASS: YES
  • ART.21E SCORE: 88%
  • ART.21D SCORE: 85%
→ CDN bypass vector documented · management interface exposure remediated

NIS2 · SHADOW IT
Industrial equipment supplier · UK
NIS2 SCORE: 73%
Shadow IT & Expired Certificate Chain
Surface-level scan revealed unmanaged subdomain infrastructure and expired certificate chain — classic shadow IT indicating uncontrolled asset growth.
  • EXPIRED CERTS: 1
  • SHADOW IT DOMAINS: 1
  • ART.21D SCORE: 65%
  • CVEs: 0
→ Certificate lifecycle gap · supply chain audit recommended · Art.21d

All assessments conducted using legal public OSINT sources only (Shodan, crt.sh, VirusTotal, BGP/ASN).
No client systems were accessed. Company identities withheld. Data accurate at time of scan.

04 — TOOLS & CREDENTIALS

Technical stack.

SOC PLATFORMS
  • Enterprise SIEM
  • AI-Powered NDR
  • XDR Platform
  • Email Security Gateway
  • PowerShell Automation
  • Log Analysis

OT/ICS TOOLS
  • OT Visibility Platform (PoV)
  • OT Detection Platform (PoV)
  • Shodan Industrial
  • Nessus / OpenVAS
  • Wireshark / tcpdump
  • MITRE ATT&CK for ICS

OSINT & RECON
  • Shodan API
  • crt.sh
  • VirusTotal
  • BGP / ASN lookup
  • SecurityTrails
  • URLScan.io

FRAMEWORKS
  • NIS2 (EU 2022/2555)
  • IEC 62443
  • NIST CSF
  • MITRE ATT&CK
  • Purdue Model
  • ISO/IEC 27001

GSEC · GIAC
CySA+ · IN PROGRESS
CIISec MIISec · APPLYING
IEC 62443 · APPLIED IN ROLE
GICSP PLANNED
UK Cyber Security Council
05 — NIS2 OSINT TOOL

I built a tool for this.

Before any engagement, I run a zero-touch outside-in assessment using public OSINT sources. Clients see their attack surface — CVEs, OT protocol exposure, shadow IT, expired certificates — mapped against NIS2 articles. No access required. Maximum impact.

NIS2 OUTSIDE-IN ASSESSMENT · LIVE OSINT
CRITICAL — OT/ICS PROTOCOLS EXPOSED TO PUBLIC INTERNET
Modbus TCP :502 · Siemens S7 :102 · 2 hosts · NIS2 Art.21e violation
  • 61% · PARTIAL
  • CVEs ON PERIMETER: 161
  • SUBDOMAINS FOUND: 327
  • EXPIRED CERTS: 149
  • OT PROTOCOLS EXPOSED: 2
DATA SOURCES: SHODAN · CRT.SH · VIRUSTOTAL · BGP/ASN · LEAKCHECK (SOON) · SPF/DMARC (SOON)
06 — LET'S TALK

Ready to see your risk?

I can run a zero-touch outside-in assessment of your domain before our first call — free of charge. You'll see exactly what I see, and exactly what attackers see.

UK-BASED · REMOTE & ON-SITE · MANUFACTURING SECTOR FOCUS