OT Security Expert
Job Type: Full Time / Permanent
The OT Security Expert is responsible for the regional coordination of IT security measures related to OT systems, which includes development, implementation and improvement of central and de-central security measures related to OT. Is central point of contact for the local organizations in their specific region. In this role, he/she also acts as a liaison to the local IT department and provides IT competence to PCT Engineers during projects and for general problem solving.
Major Tasks & responsibilities: • Reports to Global OT Security Officer • Responsible for executing and implementing OT Security projects as defined in OT Security Strategy within assigned or other sites in NAFTA region. Develops and maintains project documentation to numerous audiences • Responsible for implementation of OT Security standards at small sites, system houses and downstream businesses where the Local OT Security officer is not a DCS or Cybersecurity Expert • Consulting for local PCT on IT related technical issues on security aspects of process automation systems (e.g. domains, network segmentation, ICS upgrade, time synchronization, license management, firewalls, patching, server hardening, SIEM, PAM, remote access, network monitoring, etc.) • Maintain the strong relationship with major site PCT for consulting and supporting the implementation of cybersecurity risk mitigation measures. • Conceptualizes and coordinates implementation of IT Security for IT-Systems and IT-Networks of production environments • Acts as liaison for OT specific Incident Response. Liaison with SOC, Incident Response teams, Local OT Security Caretaker, vendor and IT for incident response. • Lead, and support local PCT with internal, external, and regulatory OT audits in assigned sites • Responsible for maintenance and administration efforts of OT security controls in assigned sites Awareness, Information sharing and collaboration • Identify and report local awareness and training needs within PCT or IT. Facilitate local communication to maintain higher awareness. • Maintains high awareness of security warnings -Receive and scout security warnings Report to the Global OT Security Officer Distribute consumable and relevant information to Local PCT Organization • Participate and contribute in regional and global OT Security community meetings held by Regional and Global OT Security officers • Contribute to regional and global experience exchange and knowledge availability regarding OT security for PCT environments, including internal experts from and external experts from suppliers and other companies • Maintains high level of understanding and knowledge of cybersecurity fundamentals and developments.
Minimum Qualifications: • Bachelor’s Degree in engineering or computer sciences or related degree with 6+ years of professional experience in PCT domain OR a Master’s degree with 4+ years of experience will also be considered. Associates Degree with 9+ years of experience will also be considered. • 3+ years of professional experience in OT security (design, implementation, and operation) in industrial environment.
Essential Skills: • Effectively communicates risks and risk mitigation programs to the senior leadership and stakeholders • Experience with endpoint security solutions (Anti-malware, Application control…) • Good experience with network design, firewall configuration, device hardening, virtualization, and management • Good understanding of the current threat landscape and counter measures • Experience with AWS would be a plus • Knowledge of ICS architecture Purdue model, ICS network protocols (IP based and serial) • Working knowledge with Industrial Cybersecurity standards such as IEC 62443, NIST • Professional Security related certifications (GICSP, ISA/IEC 62443 Expert etc.) would be a plus • Ability to travel a minimum of 25%.