OT Security Expert mwd 2844

ber ARLANXEO

Wir sind einer der weltweit grten Produzenten von Synthesekautschuk. Wir entwickeln produzieren und vermarkten Hochleistungskautschuke die fr eine Vielzahl von Anwendungen eingesetzt werden.

Wahrscheinlich verwenden Sie synthetische Kautschuke in Ihrem tglichen Leben ohne es zu merken. Fr die Fahrt zur Arbeit und nach Hause brauchen Sie Gummi in den Reifen Ihres Autos oder Fahrrads. Beim Duschen befindet sich eine Gummidichtung in Ihrem Wasserhahn. Beim ffnen des Khlschranks sorgen die Gummidichtungen dafr dass die Tr richtig schliet und die Klte drinnen bleibt. Neben diesen eher traditionellen Anwendungen wird unser synthetischer Kautschuk auch in Batterien fr Elektroautos in Windmhlen und Solarmodulen verwendet.

Als einer der Hauptakteure in der Gummiindustrie erkennt ARLANXEO an dass wir jede Phase im Leben unserer Gummiprodukte untersuchen mssen um ihren kologischen Fuabdruck zu verringern. Finden Sie heraus wie Sie bei ARLANXEO etwas bewegen knnen.

Tasks:

Generic:

• The individualwill be advising the OT key stake holders on appropriate OT Security solutions and technologies that needs be deployed participate in the necessary change management process in order to keep up to date with ever evolving cybersecurity threat landscape.
• You will be part of a team that operates and enhance the organization operational security capabilities from an monitoring detection and response perspective. The dutys can include consulting with operational technology stakeholders on best practices and industry standards which are focused on operational technology security.
• Support of Security System Upgrades and Application Updates with the focus on security improvement and operational effectiveness.
• Work closely on OT related projects and implementations (e.g. IDMZ Purdue Model DiD from an application and overall cyber information operational technology security perspective e.g. (application security endpoint protection etc.
• Align with the information security governance in drafting new standards policies operating procedures focused on Operation Technology security principles to drive maturity in the operational technology security environment
• Coordinate and align with local operational technology stakeholders on vulnerability remediation activities including socializing the newest identified vulnerabilitys applicable to the operational technology environment.
• Assist in driving the updating the operational technology asset register to be include in the global ITSM eco system.
• Align with Operational Technology stakeholders on the management of identified risks in conjunction with Cyber Security Risk Management team ensure risks are addressed in a timely manner as well ownership is assigned to the correct individuals or team.
• Be responsible as the Incident Response lead for any OT related incident ensuring incident response plans are activated executed based on the criticality of the event as well as the importance of the critical infrastructure identified during the incident process.
• Provide assistance to the cyber security compliance team during the of assessments and audits mandated by legislation or other group entitys within the organization with an focus on the operational technology environment.

Specific:

• Conducts ad hoc projects as needed
• Interact with small technical teams and provide leadership when needed.
• Provide expertise and consulting during the of Global projects

Qualifikation:

• Bachelors degree in Computer Science/ IT or related fields
• Similar professional education/certification in the Information Security/Operational Technology domain
• Operational experience in the Protection & Control and SCADA discipline would be an asset.

Experience needed:

• design documents provided by others and communicate security/operational technology design principles to different stakeholders in the organization e.g. IT Business Procurement Compliance and Legal.

• Capability to operate and implement OT security technologys including enhancement and trouble shooting when needed in specific operational scenarios. Knowledge and understanding of industry trends and new technologies and ability to apply trends to architectural functional and nonfunctional requirements.

• Experience in operating in an team as well as be able to operate individually with minimum supervision be a driver of his/her own destiny be proactive solve the issue before it becomes an issue solution focused.

IT Knowledge:

• Must have a thorough knowledge of the Windows concepts Domains Active Directory and its concepts and the interaction between hardware operating systems network data center cloud technologys and application software Linux and Unix is an added advantage
• Must have Experience with ICS systems and ICS security industry practices such as the Purdue Model ISA99 with exposure to Operational technologies and processese.g. HMIs PLCs DCSs and SIS EUCVFDPID
• Comprehensive working knowledge of one or more of the following: IEC 62443/ISA 99 ISO 27001 NIST SP 80082 CPNI Good Practice

• Deep understanding of TCP IP and other network protocols. Familiarity with DNS DHCP and other network services micro segmentation virtualization

• Familiarity with ICSrelated communications protocols (e.g. Ethernet ICCP DNPMBAP CIP MODBUS DNP3 S7 etc.
• Cybersecurity experience particularly in securing critical infrastructure/ ICS OT (to include PCS SCADA systems PLCs RTUs etc.
• Knowledge of main OT Application such are OSI PI LIMS MES etc.
• Knowledge of Cyber IT security domains (Network Endpoint Security Authentication Authorization models Interfacing API Web Cloud Technology Confidentiality Integrity Availability HIDS IDS Threat Intelligence principles TTP IOCs)
• Experience with CRITIScustomers Gas Oil Water Energy and Building/Facility (IIoT) architectures and Management Systems

Language:

• English and German
• French would be nice

Searching function: IT

Location: Cologne

Working time: fulltime

Was ARLANXEO Ihnen bietet

Bei ARLANXEO tun wir unser Bestes um Ihnen ein Umfeld zu bieten in dem Sie sich fachlich und persnlich weiterentwickeln knnen. Wenn Sie bereit sind Herausforderungen anzunehmen haben wir sie fr Sie. Es gibt immer Raum Ihren Horizont zu erweitern Neues zu lernen Teil eines Projektteams zu werden oder selbst ein Projekt zu leiten. Unsere Mitarbeiter loben ihre engagierten Kollegen und kooperieren miteinander. Wir versuchen dass Sie sich vom ersten Tag an wie zu Hause fhlen.

Bei ARLANXEO halten wir uns an lokale Gesetze und Gesetze und bemhen uns den Kandidaten einzustellen der fr die Stelle am besten geeignet ist.

ARLANXEO akzeptiert keine unaufgeforderten Bewerber die von externen Personalvermittlern oder Agenturen eingereicht werden. Jeder Lebenslauf oder jede Bewerbung die ARLANXEO ohne bestehenden Vermittlungsvertrag bermittelt wird gilt als unaufgefordert und als Eigentum von ARLANXEO und ARLANXEO zahlt keine Vermittlungsgebhr.