OT Security Engineer

INEOS Composites US LLC

OT Security Engineer

INEOS has an exciting opportunity for an OT Security Engineer to join our Enterprises business at our Columbus, OH location.

INEOS is a global manufacturer of petrochemicals, specialty chemicals and oil products. Our products touch every aspect of modern life. INEOS comprises 36 businesses each with a major chemical company heritage. Our production network spans 194 sites in 29 countries throughout the world. INEOS Enterprises is a global market leader in the production of chemical intermediates that are used as an essential input into chemical value chains across a broad variety of end markets and sectors.

Job Objective

The primary objective of the OT Security Engineer will be to develop and deliver the Enterprises OT security vision, policies, and implementation in line with group standards. Role has global responsibility of designing, implementing, and maintaining security controls within OT environments. The role will act as interface between Enterprises IT and OT teams and be expected to help design and implement group security standards at a local level. The role will monitor OT networks and systems to detect any suspicious or hostile activities. The role will work with local OT teams to implement measures and take actions to defend against malicious attacks. In the case of an OT incident, the role will lead remediation efforts.

Key Responsibilities of the position include, but not limited to:

• Identify and implement appropriate security controls across all of the INEOS Enterprises operational sites inline with INEOS group standards.

• Coordinate with IT and OT to develop, test and implement incident response plans specific to OT environments. Act as incident coordinator during OT security incident, performing investigation, response and recovery activities.

• Implement appropriate tools and processes to monitor OT systems for anomalous activity and system vulnerabilities. Monitor security platforms to identify suspicious or malicious activity. Take mitigating actions to contain the activity and minimize impact. Facilitate forensic analysis to determine the source of the threat.

• Perform internal security audits on OT systems and networks against INEOS group security standards. Alternatively, provide support to any person or team tasked with performing such auditing.

• Appraise and review current OT architectures, including DMZ's, and make recommendations for improvement to align with best practices and group standards. Act as technical authority to review proposed changes to OT architecture.

• Develop and deliver appropriate security awareness activities specifically targeting OT systems and practices.

• Collaborate with IT and OT teams to integrate group security controls and measures into OT systems and processes. Collaborate with IT Security Lead to align OT security practices with overall IT security strategy.

Qualifications:

• Minimum of 5 years' experience in cybersecurity role within operational industries.

• Relevant cybersecurity certification CISSP, SSCP, CISM, GICSP, or ISA/IEC 62443 Cybersecurity Expert. Any networking certification a plus.

• Strong written and oral communication skills with the ability to communicate technical information to non-technical audiences.

• Knowledge of a variety of current and emerging technologies

• Understanding of current threats and trends in IT & OT security

• Independent & self-motivated personality

• Good collaboration and team-working skills with experience of globally distributed teams

• Ability to identify & manage risks, issues & complexities involved in changing processes

• Proven history designing and implementing security strategies.

• Proven experience in securing SCADA, ICS, and other OT environments

• Strong knowledge and understanding of IT and OT cyber security best practices

• Demonstrable working knowledge of IP networking

• Experience of risk analysis and conducting risk assessments.

• Experience managing security incidents through the entire incident lifecycle.

• Experience with threat analysis, anti-virus and EDR solutions to include monitoring and remediation

• Experience designing and implementing secure networks to include LAN, WAN, VPN, and DMZ solutions

• Operational environment experience a plus

• Network certification a plus