(Cen) Ot Cyber Security Leader

Job Description

The OT Cybersecurity Leader will be responsible for developing, implementing, and managing the cybersecurity strategy for our operational technology environments. This role requires a deep understanding of both IT and OT systems, as well as the ability to lead cross-functional teams to ensure the security and integrity of our critical infrastructure.

Main Responsibilities

• Develop and implement a comprehensive OT cybersecurity strategy.
• Lead and manage a team of cybersecurity professionals.
• Conduct risk assessments and vulnerability analyses of OT systems.
• Design and implement security controls and measures to protect OT environments.
• Collaborate with IT and OT teams to ensure seamless integration of security practices.
• Monitor and respond to cybersecurity incidents and threats.
• Ensure compliance with relevant regulations and standards (e.g., NIST, IEC 62443).
• Provide training and awareness programs for staff on OT cybersecurity best practices.
• Stay updated with the latest cybersecurity trends and technologies.

Position Challenges

• Complexity of OT Systems: Operational Technology (OT) environments often include a wide range of legacy systems and proprietary technologies, making it challenging to implement standardized cybersecurity measures.
• Integration with IT: Ensuring seamless integration and coordination between IT and OT systems can be difficult due to differing priorities, protocols, and security requirements.
• Evolving Threat Landscape: The cybersecurity threat landscape is constantly changing, requiring continuous monitoring, updating, and adaptation of security strategies to protect against new vulnerabilities and attack vectors.
• Regulatory Compliance: Keeping up with and ensuring compliance with various industry regulations and standards (e.g., NIST, ISO 27001) can be demanding and time-consuming.
• Cultural and Organizational Resistance: Implementing new cybersecurity measures may face resistance from staff who are accustomed to existing processes and may not fully understand the importance of cybersecurity.
• Time Zone Differences: Coordinating activities and meetings across different time zones can be challenging. It requires careful planning to ensure that all team members can participate effectively.

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Engineering, or a related field.
• Minimum of 7 years of experience in cybersecurity, with at least 3 years in OT cybersecurity.
• Strong knowledge of OT systems, including SCADA, DCS, PLCs, and ICS.
• Experience with cybersecurity frameworks and standards (e.g., NIST, IEC 62443).
• Proven leadership and team management skills.
• Excellent problem-solving and analytical abilities.
• Strong communication and interpersonal skills.
• Relevant certifications (e.g., CISSP, CISM, GICSP) are a plus.

Soft Skills

• Management, presentation skills, public speaking, self-motivated, etc.

Internal/External Relations

INTERNAL

• Operations and Technology
• Enterprise Risk Management
• IT Servce management
• Local IT

EXTERNAL

• IBM – Managed Service Provider
• Price Waterhouse Coopers (PwC) Cyber Sec Consulting
• External Auditors for IEC 62443

CEMEX Diversity and Inclusion Statement

At CEMEX, we recognize the diversity of the world in which we live and in which we do business. We respect diversity, we address the inclusion and non-discrimination of any talented person, regardless of gender, physical ability, age, sexual orientation, culture, ethnicity, religion, political affiliation, marital status, pregnancy / maternity / paternity, and nationality. We promote a culture of equity for the construction of a sustainable business and the well-being and development of CEMEX employees.