Operations Technology Cybersecurity Manager - Monterrey, México - Nemak

Nemak

Empresa verificada

Monterrey, México

hace 1 semana

Publicado por:

Rodrigo Fernández

Reclutador de talento para beBee

Descripción

Objective

Develop and implement an Operations Technology Cybersecurity Program (OT Cybersecurity Program) to improve the security posture in our production plants globally to reduce the likelihood of cybersecurity-related disruptions.

The OT Cybersecurity Program should aim to ensure business's continuity and resiliency to protect our manufacturing operations.

Main Responsibilities

Develop and execute a comprehensive

Global Security Strategy:
Create and implement a strategic plan to safeguard the organization's operations technology systems and infrastructure.

Risk assessment and management: Identify potential vulnerabilities and risks within the operations technology environment and develop strategies to mitigate them effectively.
Security policy and procedure development: Establish and enforce security policies, standards, and procedures that align with industry best practices and regulatory requirements.
Incident response and management: Develop and oversee protocols for handling security incidents, including investigation, containment, and recovery.
Security awareness and training: Implement training programs to enhance OT Staff understanding of security threats, promote a culture of security awareness, and ensure compliance with security policies.
Evaluate relationships with vendors and service providers to ensure their adherence to security requirements and standards and define proper controls to reduce the risk of a security incident.
Security audits and compliance: Ensure regular audits and assessments are conducted to evaluate the effectiveness of security controls and address any identified gaps.
Security architecture and technology: Collaborate with IT teams to design and implement secure network infrastructure, access controls, and monitoring systems for operations technology.
Define processes to report incidents and properly communicate them to the management and organization. Define processes to have a global overview of incidents, and vulnerabilities, and define risk mitigation measures.
Define, plan, implement and monitor the controls to reduce the risk associated to cyberattacks in plant operations globally at Nemak.
Collaborate with Plant Managers, Operations Directors and OT Staff in the plants to ensure controls and processes are implemented to improve cybersecurity posture in the plants.
Develop a strategic plan and measures to protect and secure the technology systems in plant operations to ensure business's continuity and resilience.
Collaborate with Plant Managers, Operations Directors and OT Staff in the plants to ensure controls and processes are implemented to improve cybersecurity posture in the plants.

Position Requirements

Bachelor's Degree in Industrial Engineering, Mechatronic Engineering and Systems Engineering. Master degree is desirable
Experience required:

Cybersecurity Frameworks:

NIST, ISO27001, CIS, Risk Assessment and Management, Incident Response and Forensics, Network and Infrastructure Design, Industrial Control Systems (ICS).

Solid experience in information security, with a focus on operational technology (OT) systems
Indepth knowledge of OT systems, protocols, and technologies, including SCADA, PLC, DCS, and industrial control systems (ICS)
Strong understanding of cyber threats and vulnerabilities specific to OT environments, and experience implementing security controls to mitigate risks.
Knowledge on relevant regulations and standards, such as NIST SP 80082, IEC 62443, and ISO 2700
Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing of OT systems.
Strong project management skills with the ability to prioritize and manage multiple initiatives simultaneously.
Excellent analytical and problemsolving skills, with the ability to quickly identify and resolve security issues.
Strong communication and leadership skills, with the ability to collaborate effectively with crossfunctional teams and senior management.
Relevant certifications such as CISSP, CISM, GIAC GICSP, or equivalent are highly desirable.
Experience defining and implementing Information Security OT Strategies.
Self-Motivation and initiative
Advanced English and Spanish.
At Nemak, Diversity, Equity and Inclusion (D&I) play a fundamental role in everything we do and are the underlying platform on which our culture is built. We foster a culture that is safe, respectful, fair and inclusive for all of our employees and job applicants. Our value proposition relies on innovation and crosscultural teamwork, which is only possible when we strive for belonging and commitment to Diversity, Equity and Inclusion. We understand the impact equality and of varied perspectives that welcome better ideas to solve complex problems for improvement and transformation._
We are proud to have biasfree conditions of employment, including recruiting, hiring, placement, and promotions, and