Hello. We’re Haleon. A new world-leading consumer health company. Shaped by all who join us. Together, we’re improving everyday health for billions of people. By growing and innovating our global portfolio of category-leading brands – including Sensodyne, Panadol, Advil, Voltaren, Theraflu, Otrivin, and Centrum – through a unique combination of deep human understanding and trusted science. What’s more, we’re achieving it in a company that we’re in control of. In an environment that we’re co-creating. And a culture that’s uniquely ours. Care to join us. It isn’t a question.
With category leading brands such as Sensodyne, Voltaren and Centrum, built on trusted science and human understanding, and combined with our passion, knowledge and expertise, we’re uniquely placed to do this and to grow a strong, successful business.
This is an exciting time to join us and help shape the future. It’s an opportunity to be part of something special.
About the role
The Principal OT Security Architect is a critical role in the Digital and Tech Information Security organization supporting our OT Manufacturing sites to maintain the highest level of service availability and keep our network security levels ahead of our business demands, while pushing for more standardization through automation. The Principal OT Security Architect will assess, improve, and maintain the network security of the global manufacturing Operations Technology (OT) environment, and build new processes & procedures and develop guidelines for the business to adhere to. The Principal OT Security Architect will assess, improve, and maintain the cybersecurity posture of Global Manufacturing Operational Technology (OT) environment including Industrial Control Systems (ICS), Factory Automation systems and others as needed. Additionally, will be a subject matter expert (SME) in delivering controls to mitigate both insider and external risks and security risks.
Role Responsibilities
- Lead all aspects of architectural activities for a technology domain, or architectural practice area, or manage the development of solution architectures for projects or programs within a business area.
- Define standards and direction of architecture in the specific business or technical domain. Define and develop the logical design and information management strategies vital to store, move and manage data in a new target state.
- Create architecture patterns to suggest the most adequate utilization of technical platforms in support of the holistic solution architecture design.
- Define, build, and evolve the Architecture Governance Framework (e.g., architecture methods, practices and standards) for IT/IOT/OT.
- Define, design, apply and support security controls to OT systems in our sites and own and define the architectural security standards for OT. The candidate will lead a team of domain specialists on this matter.
- Analyzes, designs, and develops roadmaps and implementation plans based upon a current vs future state.
- Develop and implement measures, tools, and technology to monitor compliance with company security policies and procedures, laws and regulations.
- Leads the research and analysis of new security trends relating to OT security network.
- Manages relationships with engineering teams and collaborates with teams across the organization to ensure network security levels are maintained at the highest level.
- Explores raw network traffic & performs in-depth data analysis utilizing various tools.
- Create useful and creative data queries & relevant dashboards and reports to key stakeholders.
- Initiation, Prioritization, and design of R&D work based on customer needs.
- Optimize operational excellence and ensure best practices for security are followed.
- Claroty, Palo NGFW, and Zsclaler solution design, operation, and reporting.
- Serve as a key thought leader, helping to maximize the value of Information Security and IT.
- Define and monitor metrics to assess the overall value/maturity of cybersecurity investments.
- Serve on various forums (e.g., Information Security / OT Lead Teams) to analyze projects, programs, and products to ensure they are technological sound, will do no harm, and will deliver the expected outcomes.
- Recognize the value of emerging technologies and practices with intent to accelerate cybersecurity capabilities for manufacturing and lab environments.
- Develop and implement measures, tools, and technology to monitor compliance with company security policies and procedures, laws, and regulations.
- Perform testing against ICS/OT devices, networks, and security control mechanisms.
- Provides leadership, technology guidance, collaboration and mentoring of key stakeholders and teams; develops and motivates to create a positive culture and working environment
Why you?
Basic Qualifications:
- Bachelor’s degree in computer engineering, Electrical Engineering, Computer Science, or a related technical field
- 5+ years of IT and Operational Technology Security experience with a focus on working with Industrial control system cybersecurity frameworks, such as IEC62443, NIST (CSF) Cyber Security, and SANS CIS control frameworks.
- Expertise on developing OT security programs and securing OT security network architectures.
- Solid foundation in laboratory / ICS support which was build up with IT topics like network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and other general IT knowledge.
- Fundamental knowledge in IT-Security threat modelling, vulnerability assessments and pen-testing.
- Experienced in the use of tools for incident investigations, simulation, and forensics - GxP regulations.
- Ability to present technical design proposals and reports to customers and/or other senior engineering, management, and government groups in clear, complete, concise, and non–ambiguous terms.
- Excellent presentation, written and verbal communication skills; ability to clearly communicate and have excellent consulting skills.
- Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.
- Sound knowledge on Industrial Control Systems ICS environment including design, protocols, and integration (OT 4.0 experience)
- Firewall, Next Gen Firewalls, and security network subject matter expert (SME).
Preferred Qualifications:
- CISSP, GICSP, CISM or CFSE/CFSP certification preferred.
- CCIE or CCNP certification desired
- Claroty, Zscaler, and Azure experience desired.
- Open-minded, flexible, and thrive in a highly dynamic, fast-paced, ever-changing environment.
- Exposure of onsite travelling, site audit/security audit would be plus.