AirOverflow is stepping into one of the most critical and underserved domains in the entire cybersecurity landscape — the security of Operational Technology and Industrial Control Systems — and we are looking for a driven, technically curious intern to be part of building this capability from the ground up. OT and ICS environments power the infrastructure that the modern world depends on: power grids, water treatment facilities, manufacturing plants, oil and gas pipelines, and transportation systems. Unlike traditional IT environments, these systems were designed for reliability and uptime — not security — making them uniquely vulnerable and extraordinarily high-stakes targets for cyberattacks. The consequences of a breach here are not just data loss; they can be physical, operational, and even life-threatening. This is precisely why securing them matters so deeply, and why AirOverflow is committed to developing expertise in this space. As an OT/ICS Security Engineer Intern, you will be introduced to the specialized protocols, architectures, and threat models that define industrial environments, working alongside our security team to research vulnerabilities, study real-world incidents, and explore how adversaries target critical infrastructure. This is a rare and forward-looking opportunity in Pakistan's cybersecurity ecosystem, and we are looking for someone who understands the weight of that responsibility and is excited to rise to meet it.

What You'll Do

• Research OT/ICS-specific attack techniques, threat actors, and real-world incidents targeting critical infrastructure
• Study and develop familiarity with industrial protocols such as Modbus, DNP3, PROFINET, and EtherNet/IP
• Assist in evaluating the security posture of simulated or lab-based OT/ICS environments
• Support the team in identifying vulnerabilities in SCADA systems, PLCs, RTUs, and HMI interfaces
• Research and document CVEs, advisories, and threat intelligence relevant to industrial control systems
• Explore network segmentation, the Purdue Model, and security architecture principles specific to OT environments
• Contribute to the development of internal OT security methodologies, playbooks, and research documentation
• Participate in team knowledge-sharing and stay updated on ICS-specific cybersecurity frameworks such as NERC CIP and IEC 62443

What We're Looking For

• Foundational understanding of networking concepts including TCP/IP, network architecture, and basic protocols
• Basic familiarity with industrial systems, SCADA, PLCs, or control systems — whether through coursework, projects, or personal interest
• A background or strong interest in electrical engineering, instrumentation, mechatronics, or computer engineering
• Curiosity about how physical systems interact with digital infrastructure and where security gaps emerge
• Strong research and analytical skills with the ability to self-direct learning in unfamiliar territory
• Ability to document and communicate technical findings clearly and concisely
• A serious and responsible mindset — this domain carries real-world consequences that demand careful, methodical thinking

Nice to Have

• Hands-on exposure to PLCs, HMIs, or SCADA platforms such as Siemens, Rockwell, or Schneider Electric
• Familiarity with OT-specific security tools such as Claroty, Dragos, or Nozomi (even at a conceptual level)
• Knowledge of cybersecurity frameworks relevant to industrial environments — IEC 62443, NERC CIP, or NIST SP 800-82
• Prior experience in penetration testing, CTFs, or offensive security
• Understanding of network packet analysis using tools like Wireshark, with exposure to industrial traffic
• Any coursework or projects in industrial automation, control systems, or SCADA environments

What We Provide

• Mentorship from security professionals operating at the intersection of IT and OT security
• Hands-on exposure to industrial security concepts, tools, and simulated environments
• The opportunity to build expertise in one of the most critical and least saturated niches in cybersecurity
• Internship certificate and letter of recommendation upon successful completion
• Access to AirOverflow's internal research resources and security knowledge base
• A potential pathway to a full-time role as AirOverflow develops its OT/ICS security practice
• The chance to contribute to work that has a direct and meaningful impact on national critical infrastructure security