As OT Security Engineer, you will work in collaboration with the Sector Cyber Organization to assure the secure operations of a site, protecting against business interruption due to internal and external incidents. Reporting to the Automation Manager, you will be a member of the Engineering site team.
Key Responsibilities :
1. Lead implementation of site Cybersecurity initiatives in alignment with global standards, policies, and guidelines.
2. Promote security culture and drive continuous improvement efforts in the area of cybersecurity.
3. Provide cybersecurity direction to local Manufacturing, Engineering, Automation, QC Labs, and Digital teams.
4. Manage cybersecurity in site Business Continuity Plan, site risk register, follow up with stakeholders, and provide global visibility.
5. Carry out internal OT cybersecurity assessments and represent the site in cybersecurity audits.
6. Orchestrate Security Incident Management process as a Single Point of Contact for a local site and the CISO Organizations.
7. Management of OT security risk situation, elaborating a roadmap for cybersecurity mitigation and remediation actions.
8. Implementation of the actions defined in the cybersecurity roadmap for OT equipment and systems.
9. Support local OT teams focusing on patching, antivirus, backup & restore, remote maintenance, and asset inventory.
10. Support local OT teams on the integration of equipment and systems of the Production and Lab areas to existing industrial communication networks following the global and local standards.
Who You Are :
1. You have a Graduate Degree in the field of Automation, Industrial IT / OT, Cybersecurity, or comparable.
2. You have around 5 years of experience in the pharmaceutical industry or similar as a project manager, commissioning and troubleshooting of automation systems and assets, taking part in projects for the integration of OT equipment in the IT / OT networks, managing cybersecurity risks, and defining and implementing cybersecurity mitigation and remediation actions.
3. You have experience in a GxP regulated environment, defining functional specifications, SOPs, and maintaining them updated.
4. You have experience in life cycle management of applications, incident management, and change management protocols.
5. Knowledge of industry-leading cybersecurity standards: ISA, IEC, ISO, NIST, Namur, ENISA, BSI is appreciated.
6. You have experience in cybersecurity assessments and audits.
7. You have experience working with Siemens PLCs, Wonderware SCADAs, Siemens HMI systems, virtual infrastructures, industrial communications, and databases.
8. You have strong stakeholder management, communication, and organizational skills to work with local and global colleagues.
9. You are fluent in Spanish and English.
#J-18808-Ljbffr