No sub-contracting ! Must be direct W/2. ONSITE REQUIRED IN OCEANSIDE CALIFORNIA ! Need:Cyber Security Engineer to:Role Summary The OT Cybersecurity Engineer plays vital role in protecting clients Manufacturing systems and networks against cybersecurity threats. This role is responsible for local architecture and engineering support, helping system owners and administrators in keeping their manufacturing environment up to date with the latest clients Manufacturing Cybersecurity standards, baselines and industry best practices.The OT Cybersecurity Engineer is a member of Manufacturing Cybersecurity Engineering Durable Squad led by the OT Cybersecurity Architect. Role Responsibilities Active involvement in the implementation of Manufacturing Cybersecurity Management System in the entire system and service lifecycle including Plan, Design, Build and Release, Operate and Maintain.This include activities like:
- Takes part in technical design reviews, integration, testing, and documentation activities concerning new OT systems Supports development of Manufacturing Cybersecurity standards and baselines OT Cybersecurity Advisor during OT System planning phase Participates in OT Cybersecurity Design reviews Supports OT System Risk Assessment process Advises System Owners in selecting appropriate security measures to mitigate risk Supports the coordination process for OT Security Patch planning Coordination of OT services and activities delivered by Vendors Reviews Manufacturing Firewall Requests Performs the design and sustainment of OT Security Monitoring (IIDS) at the Manufacturing Site Supports investigation after security breaches and develop suitable defense measures,
evaluate system changes for security implications, and recommend enhancements Supports vulnerability management process in OT area Supports development of strategies to respond to and recover from a security breach in OT environment- Technical support during Incident Response process including steps to minimize the impact,
conducting a technical and forensic investigation into how the breach happened and the extent of the damage- Team up with the Manufacturing Cybersecurity Representative
- Define, plan, and direct the execution of a broad range of technical projects (both applications and infrastructure related) while balancing the competing demands of scope, time, cost, quality, resources, and risk to produce a high quality product
- Identify, acquire, and lead multi-functional, global project teams (project team sizes 15)
- Ensure project objectives/requirements are clear and agreed to by all stakeholders
- Manage relationships with various technology and business communities to achieve project objectives Facilitate project management activities across the entire project management methodology
- Ensure successful and timely completion of deliverables
- Conduct risk management planning, identification, analysis and monitoring on projects
- Formulate risk mitigation strategies and recommend solutions
Skills: CompetenciesManagement skills Attention to details and good problem-solving skills Ability to multi-task with a calm behavior and work under pressure in a fast-paced environment Good team player, self-confident, motivated, and independent Good communication skills Planning, researching and developing security policies, standards and proceduresTechnical skills Expertise in anti-virus software, intrusion detection, firewalls and content filtering in OT Knowledge of risk assessment tools, technologies and methods Expertise in designing secure networks, systems and application architectures Disaster recovery, computer forensic tools, technologies and methods System administration, supporting multiple platforms and applications Endpoint security solutions, including file integrity monitoring Deep understanding of cybersecurity terms and principles (defense-in-depth, network segmentation, security monitoring and incident response, access management, OT patch management, secure remote access, anti-malware protection etc.) Very good knowledge about local manufacturing and automation systems in use Advanced knowledge on networking (LAN/WAN) and industrial networking including significant low-level networking experience with the TCP/IP (Transmission Control Protocol/Internet Protocol) Solid knowledge on IT and OT infrastructure, including PLC security and protection Current knowledge of technology capabilities and trends; types, and techniques of hacking attacks Proficient in Java, Net, C, Python, bash, power shell One of five potential security-related certifications (Certified Ethical Hacker (CEH), CompTIA Security+, Certified Information System Security Professional (CISSP), ISA/IEC 62443 Cybersecurity Specialist certification, Global Industrial Cyber Security Professional (GICSP)) Solid knowledge on IT infrastructure and service deployment model within Roche Other: Fluent English is mandatoryGood local language is mandatory Keywords:Education: Education Minimum Bachelor's degree ( Master preferred ) in Computer Engineering, Automation Engineering or similar Minimum 5 years of experience in system and/or network administration Skills and Experience:Required Skills: CCISSPCOMPTIACYBER SECURITYDISASTER RECOVERYAdditional Skills:DOCUMENTATIONENGINEERFORENSICFORENSIC INVESTIGATIONINCIDENT RESPONSEINTEGRATIONJAVAMALWARENETWORK ADMINISTRATIONNETWORKINGPROJECT MANAGEMENTPYTHONREMOTE ACCESSRISK ASSESSMENTSECURITYSEGMENTATIONSYSTEM SECURITYTCPTCP/IPTEAM PLAYERTECHNICAL DESIGNTRANSMISSION CONTROL PROTOCOLTRANSMISSION CONTROL PROTOCOL/INTERNET PROTOCOL ARCHITECTURE DEPLOYMENT ENGINEERING SUPPORT FIREWALL FIREWALLS INTEGRATOR INTRUSION INTRUSION DETECTION IT INFRASTRUCTURE LAN LAN/WAN MITIGATIONLanguages:English Read Write SpeakMinimum Degree Required: Bachelor's Degree Certifications & Licenses: CISSPCertified Ethical HackerCertified Information System Security ProfessionalSecurity+
