ICS Security Coordinator

The ICS Security Coordinator is an authority in IT / OT security for the organization, reporting to the ICS Security Manager, which is part of the global Information Security organization. 

The ICS Security Coordinator will serve as a knowledgeable resource to the Site Leadership Teams (SLT’s) providing leadership and direction pertaining to IT-OT Foundational Security.

This role is responsible for the support of technical solution planning and implementation involved in IT-OT Foundational projects and Digital Transformation projects.

The role is responsible for working closely with our ICS Security team, plant manufacturing leaders and engineers, SMEs, and IT engineers/architects to plan implement and support our ICS Security standards.

The role will also support the development, refinement, publishing, and socialization of policies, standards, processes, procedures and guidelines for IT/OT Security and ensure that site compliance assessments are performed to measure compliance with IT and OT security standards.

The role will also provide technical guidance and ensure that solutions used by Celanese meet security requirements.

The role must have experience working within manufacturing sites and have advanced knowledge of multiple technology platforms, both IT and OT. 

The ideal candidate will possess a balance of meeting the tactical demands of today without compromising the strategic planning for the future, understanding the importance of people, process, and technology in that equation. He or she will be a strong advocate for effectively engaging and including respective coworkers.

• Site Leadership Teams: Serve as a knowledgeable resource to the Site Leadership Teams (SLT’s) providing support and direction pertaining to IT-OT Foundational Infrastructure and ICS Security.
• Site Applications: Work with the ICS Security Team, OT admin to implement and support an IT-OT Foundational Infrastructure, integrated with Manufacturing Application Services
• Site security:
  • Monitor Vulnerabilities and work with OT Admin / Asset Leaders to mitigate potential impacts and take corrective actions
  • Improve the ability to resist, detect, respond to, and contain cyber attacks
  • Work with ICS Security, IT Security Operations and Engineering to plan and implement Global Security Policies
  • Work with technical resources, architects to plan and implement cyber security activities appropriate for all Purdue Levels (PCN Core, PCN DMZ, and PCN Services, PCN Access, within the Manufacturing Site)
  • Support ICS Risk Assessments
  • Perform compliance audits of security policies, standards, processes, procedures, guidelines and regulatory requirements
  • Advise and specify on hardware and software procurement
  • Assist in IT/OT security and network setup and implementation
  • Work with the Site Leadership Teams (SLT’s) to assess existing systems and plan lifecycle management
  • Provide support for Change Management and Administrative Security Controls
  • Provide Network Infrastructure and Firewall Services Support
  • Provide support for Lifecycle, Asset and Portfolio Management, Demand, Project, Investment Management, Governance, and Risk Management
  • Provide training of Policies and Procedures

Required Skills and Experience  

• Understands the difference between IT and OT
• Knowledge and experience in manufacturing, and Industrial Control Systems automation and or Industrial Control System Cyber Security Protection.
• ICS Risk Assessments
• Knowledge in Risk, Assessment / Management
• Knowledge in Security Management (Vulnerability, Incident, Patch Management)
• Knowledge and experience with industry standards e.g., NIST SP800-82, IEC62443, ISA TR84.00.09, IEC 61511, CFATS
• Knowledge and Experience with regional / local regulations and laws (e.g. MLPS 2.0)
• Fundamental understanding of industrial network communication protocols (For example: TCP/IP, UDP, Modbus, OPC, PROFINET, WiHART etc.)
• General knowledge and experience in Manufacturing Applications; including:
  • Process Historian
  • Manufacturing Execution Systems
  • Advanced Process Control, Dynamic Matrix Control
  • Predictive Maintenance
  • IIOT
• Applied knowledge and experience in IT/OT Infrastructure at manufacturing facilities.
• Advanced knowledge of Network Infrastructure Fundamentals, plot plans, cable plans, logical and physical and wireless network design, equipment elevations, racks, space, power, hvac, physical access controls and environmental requirements, etc.
• Knowledge and experience in:
  • Windows, Active Directory, DNS, DHCP, SCOM, SCCM, WSUS, NTP
  • Linux
  • VMWARE, HyperV, Azure
  • Cisco, Palo Alto, Tofino, etc.
  • Rapid7
  • SCOM
  • TCP/IP, UDP, TMS, SNMP, SFTP, HTTPs,
  • Wireshark
  • CyberArk 
• Demonstrated ability to serve as a knowledgeable resource to the Site Leadership Team (SLT) providing support and direction
• Evidence of the ability to practice a high level of confidentiality
• Excellent organizational management skills
• Ability to work effectively across a diverse technical team
• Self-motivated requiring minimal supervision
• Demonstrated ability to work in a fast pace environment with many changes
• Effectively prioritize resources against workload demand
• Bachelor’s degree in a technical discipline (or equivalent work experience)
• Minimum of 5 years experience in IT or OT within Manufacturing Industry
• Outstanding interpersonal relationship building and employee coaching and development skills
• Excellent written and spoken communication skills
•  
• Desired Skills and Experience(Not required but would be a bonus for any candidate)
• Knowledge of the functions, operation and mission of Manufacturing Operations
• Process Automation / Control Background in the Chemical Area
• Fundamental knowledge of various industrial network solution providers to include Cisco, Fortinet, Palo Alto, Tofino, Hirschman, Nozomi, Claroty, CyberX, and Armis.
• Fundamental knowledge of various technologies and their integration into an ICS enterprise
• Experience with multiple operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, Distributed Control Systems (DCS), and Safety Instrumented Systems (SIS).
• Knowledge about functional Safety
• Knowledge in Remote Access, Remote Operation