OT Security Engineer

JOB IN SUMMARY

This role is part of the Cyber security team, and responsible for ensuring the design, implementation and ongoing management of security technical controls across OT systems, network and integration.

KEY RESPONSIBILITIES:

As an OT security engineer, you will be responsible for:

1. Risk Assessment and Management - conducting thorough risk assessments to identify vulnerabilities in industrial control systems (ICS) and other OT assets. Evaluate the potential impact of threats and develop strategies to mitigate risks. This includes performing regular security audits, vulnerability scans, and penetration testing to ascertain the resilience of the systems. Supporting on Site assessments of IT/OT and opportunities for improvement.

2. Assessments - Lead OT cybersecurity assessments, including design reviews, network topology reviews, and mapping data flows. Security Policy Development – supporting the Director of OT security to create, implement and maintain security and architecture policies and procedures, delivering a secure by design methodology Collaborating with various stakeholders, including IT and operations teams, to formulate robust security frameworks that address potential threats and vulnerabilities.

3. System Design – supporting the Site managers, Digital operations team, network Lead and OT Security Director to design definitions, review and validate new systems and improve existing.

4. Implementation of controls - implement and manage security controls to protect critical systems. Including deploying firewalls, intrusion detection/prevention systems (IDS/IPS), remote management software, and other security technologies designed to prevent unauthorized access and detect malicious activities. They also configure network segmentation to limit the exposure of sensitive OT assets.

5. Incident response and recovery - In the event of a security incident, you will coordinate response efforts. Develop and maintain incident response plans that outline procedures for detecting, analyzing, and responding to security breaches. Post the incident you will lead on root cause analysis.

6. Security Awareness and Training – Work with the Governance, Risk and Compliance teams to develop appropriate training specifically for those who work within OT environments, ensuring they understand what is required.

7. Stakeholder management – work with multiple senior stakeholders at Plants, including site management, internal IT teams and service providers. Collaborate to implement, maintain and monitor security protocols across sites and bridge any gaps between IT and the unique OT system requirements.

8. Vendor management – Support the Director of OT security to management vendors, including, relationship management, evaluation of vendor products and services, negotiating contracts and ensuring vendors are meeting contractual requirements.

9. System Integration - Integrate security solutions with existing OT systems. Ensure that new technologies are compatible with legacy systems and do not disrupt operations. Must have a deep understanding of both the technical and operational aspects of the OT networks and infrastructure.

10. Reporting and Metrics - establish performance metrics to measure the effectiveness of security controls. Generate regular reports that detail security incidents, risk assessments, and overall system resilience. Continuously monitor the effectiveness of controls and report back to stakeholders.

• University or College degree in Engineering, Information Technology, Cyber Security, or related field.
• At least 5 years of hands-on operational experience in cyber security with increasing responsibility, including managing teams and vendor relationships.
• Hands-on experience with OT/ICS critical infrastructure in industries like CPG, Pharmaceuticals, or ONGC preferred.
• Experience in several security architecture domains (IAM, Software Development, Networking, Mobility, Information Protection).
• Professional qualifications – CISSP, ISSAP, CISM etc.
• Deep understanding of IT / OT systems, Process layer, networking and cyber security principles, with strong analytical skills and well as the ability to think critically and creatively to identify and address potential issues.
• Hands-on experience with security technologies, such as firewall, SIEM, SOAR, Identity and access management etc.
• Excellent communication and collaboration skills to manage and maintain stakeholder relationships. Understanding, of OT/ICS infrastructure in Food and Beverage or similar industries
• Proficiency in OT/ICS network design and building network architecture drawings.
• Ability to influence and communicate effectively at all levels.
• Knowledge of techniques and tools for effective analysis and problem resolution.
• English proficiency: Clear and concise communication skills, both orally and in writing.

Our Purpose is to “be the change for good food and a healthy future”. At ofi, we celebrate our diversity. ofi provides equality of opportunity for all persons with respect to hiring without discrimination on the grounds of race, color, religion, national origin, sex, pregnancy, age, disability, veteran status, or sexual orientation. All employment decisions will be based on qualifications, merit, and business needs.

• Qualification: Bachelor
• Age: Unlimited
• Job type: Permanent