OT Security Specialist
Krakow, PL
Job Purpose
In this role, the OT Security Specialist will be a member of the global Information Security team, within the CISO’s department, serving as regional OT/IACS Security representative for Poland while providing Global support for projects and initiatives from the Information Security team.
Job Description
Provide secure design, development, and architecture requirements for Industrial Control Systems (ICS) environments and information and digital systems as they relate to ICS and automation.
• Provide cybersecurity awareness and training within product development and ICS environments.
• Provide support to write, review, and maintain policies, standards, guidelines, and procedures governing the information security requirements for the OT/IACS environments.
• Provide secure architecture designs for OT/IACS networks.
• Perform information security reviews and assessments of projects, solutions, systems, networks, and processes related to OT/IACS environments.
• Assist with identification, evaluation, and implementation of security technologies for OT/IACS systems.
• Provide support to projects and initiatives that enables the business to accomplish their goals in a secure manner.
• Provide support to manage and remediate the vulnerabilities identified at TechnipFMC OT/IACS systems.
• Support on the implementation strategies for ICS environments with clear understanding of the differences between IT and OT environments (e.g. Anti-virus on HMIs, application whitelisting, security policies for firewalls in OT/IACS environments, etc.).
• Support the execution of information security risk assessments on OT/IACS systems, including products, systems, sites, vendors, and solutions developed, maintained, operated or managed by TechnipFMC.
• Support on the development of technical design documentation and technical reports for both technical and management consumption and understanding.
• Follows the established metrics and key performance indicators to monitor the overall health and effectiveness of the OT/IACS security program.
• Stays informed about the latest cyber threats in the OT/IACS area.
• Supports on the development of strategies and plans to mitigate emerging cyber threats. Acts as subject matter expert in Industrial Automation and Control Systems security
Required Skills
• Bachelor’s degree or equivalent
• Strong technical OT/IACS Security experience (+5 years): ability to review configurations on OT/IACS (e.g. PLCs, HMIs, industrial and automation software, etc.), identify best practices for backup and recovery of OT/IACS.
• Good technical knowledge: Applications technologies, networks, protocols, operating systems (Windows/Linux) and troubleshooting's.
• Understanding of Industrial Networks and Protocols.
• Experience using OT/IACS software including: o Engineering Software o Version Management Software o HMI Software o OPC Software
• Working knowledge of networking concepts, ability to design and review network designs, and perform security assessments of network designs.
• Good writing/presentation skills.
• OT/IACS Security Certifications (GICSP, GRID, ISA/IEC 62443, etc.)
• Information Security related certifications (e.g.: CISSP, CISM, CEH, OSCP, CCSP, etc.)
• Experience on recommending and implementing security controls, hardening, and security technologies in OT/IACS systems and networks.
• Experience implementing vulnerability and patch management programs in OT/IACS environments.
• Working knowledge of OT/IACS Security standards.
• Willingness to travel to other TechnipFMC sites (5%)
Leadership Competencies