Operational Technology (OT) Security Expert

The Operational Technology (OT) Security Expert identifies legal and customer OT Security requirements and assures the definition and implementation of audit-proof policies, processes and guidelines in the GEA’s production environments (e. g. IIoT – Industrial Internet of Things, ICS – Industrial Control Systems, SCADA). He develops, defines, and improves the security of the Operational Technology. The OT Security Expert is responsible for the security of the production processes, including network security, security of production and automation environments and IIoT systems.

Responsibilities / Tasks

• Single point of accountability for all aspects of Operational Technology (Production/Shopfloor) Security (scope, quality, pricing, delivery), in alignment with Chief Information Security Officer (CISO)

• Accountable for identification of legal and customer OT security requirements and assures the definition and implementation of audit-proof policies, processes and guidelines for GEA’s production environments (e. g. IIoT – Industrial Internet of Things, ICS – Industrial Control Systems, SCADA)

• Responsible for the implementation of OT Security Strategy in synchronization with information security, production and digitalization strategy in the GEA production sites

• Responsible for the development and continuous standardization, optimization and automation of OT security framework and architecture, incl: threat modelling, data modelling and segregation and secure cloud integration

• Responsible for the implementation of OT security requirements and security measures in the production environments

• Responsible for the further development of GEA’s OT Security standards

• Advising the OT, production and automation departments on the identification and mitigation of risks in those environments

• Very close interaction with various business areas (global and local production, risk management, compliance and data protection, legal, sales, IT Enterprise Security Architecture as well as automation and product development departments)

• Share business and customer problems with the production teams and work on improvements

• Consulting in projects and platforms in the field of OT security and in the protection of production and automation technology

• Consulting regarding the secure creation, commissioning and operation of OT

• Documentation, analysis and further development of KPIs for OT Security

• Contact person for the documentation and processing of security incidents in the production environments

Your Profile / Qualifications

• Bachelor’s Degree in information technology/ Computer Science / Engineering, Business Administration, or a related technical discipline

• Deep knowledge in ICS, IIoT, SCADA systems.

• IT Security Certifications advantageous (e.g., ISA/IEC 62443 Certifications, CISSP: Certified Information Systems Security Professional, ISO 27001 Lead Auditor, CISA: Certified Information Systems Auditor)

• 5+ years of experience related to IT/OT Security in a similar role related to ICS, IIoT, SCADA

• Several years related work experience in industrial / OT / manufacturing environment or in IT-Service-Delivery / IT-Operations / IT-Architecture

• Significant qualities in management and conception as well as operationalization of complex issues in the security environment

• Proofed Experience in industrial security standards like ISO 62443

• Experience in automation, Industry 4.0 Operational Technology (OT) and Industrial Control Systems (ICS) (DCS, SCADA, PLC, etc.)

• Experience in firewall systems and expertise in vulnerability management

• Knowledge of use and configuration of supplementary IT security architectures (e.g. SIEM, IDS / IPS) and the special requirements of OT systems

• Knowledge about standard methodologies related to networking and system security (WAN, Routing, Proxy)

• Experience with network protocols such as TCP, UDP, IPSec, SSL and DNS

• Experience with patch management for operating systems and applications knowledge about encryption technology

• Strong interpersonal skills in communication and collaboration

• Strong communication skills, in English, local language is a plus

• Structured working methods, analytical thinking

• Strong analytical ability, business acumen, problem solving skills

• Initiative, ability to work under pressure in combination with high commitment and organizational talent

• Capabilities, in financial & Budget ownership

Did we spark your interest?
Then please click apply above to access our guided application process.