OT Security Engineer

Laptop, Chế độ bảo hiểm, Du Lịch, Chế độ thưởng, Chăm sóc sức khỏe, Đào tạo, Tăng lương, Nghỉ phép năm

JOB IN SUMMARY

This role is part of the Cyber security team, and responsible for ensuring the design, implementation and ongoing management of security technical controls across OT systems, network and integration.

KEY RESPONSIBILITIES:

As an OT security engineer, you will be responsible for:

1. Risk Assessment and Management - conducting thorough risk assessments to identify vulnerabilities in industrial control systems (ICS) and other OT assets. Evaluate the potential impact of threats and develop strategies to mitigate risks. This includes performing regular security audits, vulnerability scans, and penetration testing to ascertain the resilience of the systems. Supporting on Site assessments of IT/OT and opportunities for improvement.

2. Assessments - Lead OT cybersecurity assessments, including design reviews, network topology reviews, and mapping data flows. Security Policy Development – supporting the Director of OT security to create, implement and maintain security and architecture policies and procedures, delivering a secure by design methodology Collaborating with various stakeholders, including IT and operations teams, to formulate robust security frameworks that address potential threats and vulnerabilities.

3. System Design – supporting the Site managers, Digital operations team, network Lead and OT Security Director to design definitions, review and validate new systems and improve existing.

4. Implementation of controls - implement and manage security controls to protect critical systems. Including deploying firewalls, intrusion detection/prevention systems (IDS/IPS), remote management software, and other security technologies designed to prevent unauthorized access and detect malicious activities. They also configure network segmentation to limit the exposure of sensitive OT assets.

5. Incident response and recovery - In the event of a security incident, you will coordinate response efforts. Develop and maintain incident response plans that outline procedures for detecting, analyzing, and responding to security breaches. Post the incident you will lead on root cause analysis.

6. Security Awareness and Training – Work with the Governance, Risk and Compliance teams to develop appropriate training specifically for those who work within OT environments, ensuring they understand what is required.

7. Stakeholder management – work with multiple senior stakeholders at Plants, including site management, internal IT teams and service providers. Collaborate to implement, maintain and monitor security protocols across sites and bridge any gaps between IT and the unique OT system requirements.

8. Vendor management – Support the Director of OT security to management vendors, including, relationship management, evaluation of vendor products and services, negotiating contracts and ensuring vendors are meeting contractual requirements.

9. System Integration - Integrate security solutions with existing OT systems. Ensure that new technologies are compatible with legacy systems and do not disrupt operations. Must have a deep understanding of both the technical and operational aspects of the OT networks and infrastructure.

10. Reporting and Metrics - establish performance metrics to measure the effectiveness of security controls. Generate regular reports that detail security incidents, risk assessments, and overall system resilience. Continuously monitor the effectiveness of controls and report back to stakeholders.