OT Security Manager
12 month contract - likely to extend
Remote / Site based initially (Brentford, Ware or Barnard Castle)
My Client is looking for 2 experienced OT Security Managers, for an initial 12 month contract role. the position is flexible on location, initial 2 weeks will need to be able to come to a site for 3 or 4 days (preferably Brentford, Ware or Barnard Castle) to complete initial training, but after that point can be home based if preferred.
Job Purpose - OT Security Manager
The Senior Operational Technology (OT) Security Manager is a senior member of the GSC OT Security team. The role scope includes defining, developing, assessing, approving and delivering complex and innovative technologies & processes to reduce OT Cyber security related risks across GSC, which may impact safety, quality, supply or reputation of GSC Manufacturing Operations.
This person will act as a Subject Matter Expert for the technology & processes related to OT Cyber Security, will ensure that good security practices are embedded across GSC manufacturing sites, make recommendations for improvement / oversight and set the direction of the OT security strategy.
Strategy & Standards
- Develop in depth knowledge of the GSK technology, systems and processes deployed to protect our manufacturing operations from cyber security threats
- Examine, design and document reference architectures for manufacturing automation systems deployed across GSC, aligned to industry standards and best practices
- Work with key vendors to ensure vulnerabilities & threats are risk assessed and develop appropriate mitigation activities where required
- Educate GSC site automation engineers, technicians and any related technical resources on OT cyber security best practices and standards
- Define standards, review and approve OT firewall rules to ensure both security and functionality to maximise protection of the systems hosted on the OT network infrastructure
- Work with the sites to ensure that any cyber security incidents and alerts are responded to and completed with the appropriate sense of urgency
- Work throughout the GSC network to define logging, alerting, patching processes to identify, reduce and mitigate cyber security risks and vulnerabilities
- Work with sites to ensure that OT systems are protected with the appropriate level of cyber security protection and security controls, based on a defense in depth principles
- Work with Business Unit / Global Tech groups to deliver the required secure network infrastructure & segmentation based on recommended reference architectures and industry standards
- Work with sites to ensure alignment with direction of strategic OT security solutions such as secure remote access, network segmentation and OT access management
- Work with sites and Business Unit / Global Tech to ensure that the appropriate cyber security and system discovery & monitoring tools are in place and in use
Subject Matter Expert (SME)
- SME on GSK OT architecture and infrastructure with broad general knowledge on IT applications and infrastructure with specific knowledge on key platforms se
- SME on manufacturing automation systems, devices and applications with specific knowledge on relevant Manufacturing Execution Systems (Data historians, EBR, OEE, SAP), ISA Standards (ISA 99/IEC62443, S95, S88) & Communication networks and protocols (Serial, Profibus, Ethernet)
We are looking for;
Automation Engineers with IT / Networking experience.
Experience with OT Cyber Security; Preferable to have previous Pharmaceutical industry experience but not essential.
· Relevant degree in engineering, computing or similar
· Experience in technical roles that have involved exposure to IT infrastructure and OT Cyber Security technologies / processes
· In depth expert knowledge of a range of Manufacturing Automation / OT systems
· Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization
· Specialist training in OT Cyber Security (e.g. SANS ICS410)
· Understanding of regulatory requirements impacting our operations (EHS, GxP, Global Engineering Standards)
If you feel you would be suitable for the role of OT Security Manager, please apply using your most up to date CV