Senior Manager, Cyber Security Engineering (Plant Security)

About The Position

Requirements

• Minimum 5 - 7 years in cybersecurity, with exposure to manufacturing and retail environments (i.e. networks, Point of Sale, industrial control systems, on-prem and cloud infrastructure) as well as managing teams.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.

Nice To Haves

• Technical skills: Networking protocols, firewall management (Palo Alto and Fortinet), intrusion detection systems, endpoint protection, cloud security (AWS, Azure), scripting languages (Python, Bash, PowerShell), and vulnerability scanners.
• Knowledge of OT systems: Familiarity with SCADA, PLCs, DCS, and industrial communication protocols like Modbus, OPC-UA, and Ethernet/IP
• Knowledge of Retail systems: Familiarity with retail security design and PoS system security
• Experience with on-prem and cloud environments related to manufacturing and retail
• Experience with establishing zero-trust architectures and segmentation
• Understanding of regulatory and safety standards applicable to manufacturing and retail such as OSHA, NIST SP 800-82, ISO/IEC 27019, PCI, and GDPR
• Ability to develop training programs for non-technical manufacturing staff to minimize human-related cyber risks
• Ability to influence with a strong presence
• Soft skills: Analytical mindset, problem-solving, attention to detail, strong communication skills, and ability to work under pressure
• Certifications: CISSP, CEH, CISM, OSCP, or GICSP (Global Industrial Cyber Security Professional) preferred
• Advanced degrees or specialized certifications in industrial cybersecurity are advantageous.

Responsibilities

• Ownership of short to mid-term (1-3 years) execution of functional strategy and the operational direction of the department.
• Drive continuous improvement in the security of the manufacturing and retail environments with a goal of enabling the business while balancing security and functionality.
• Design and implement security solutions: Develop robust IT and OT security architectures to protect retail and manufacturing networks and industrial control systems.
• Vulnerability management: In partnership with TDR, conduct routine penetration testing, vulnerability assessments, and risk analyses to identify and remediate security weaknesses.
• Protect against threats: Assist with the deployment of IDS/IPS, and endpoint security tools to assist in the protection against security incidents and breaches.
• Respond to threats: Respond to security breaches and coordinate forensic investigations within a high-stakes production and retail environment.
• Compliance and documentation: Ensure adherence to frameworks like NIST, ISO 27001, IEC 62443 for industrial cybersecurity, and partner with GRC to maintain policies, standard operating procedures, and audit logs. Update and maintain security policies and compliance documentation.
• Collaboration: Work with IT, production, software development, and compliance teams to integrate cybersecurity measures into manufacturing and retail processes. Integrate cybersecurity best practices into ongoing production and software development projects.
• Training and awareness: Educate plant staff and IT personnel on security best practices and social engineering prevention.
• Manage and develop a team of cybersecurity professionals. Provide guidance and mentoring to junior cybersecurity personnel.
• Advise, govern, and Influence manufacturing and retail leaders on security needs.

Benefits

• A supportive and engaging onboarding experience to ensure a smooth transition into our team.
• The opportunity to develop and grow, through training and regular mentorship.
• Corporate Social Responsibility activities.
• A truly global, dynamic and challenging work environment.
• Agility and work/life effectiveness and your long-term well-being.
• A diverse and inclusive team.