Hello. We’re Haleon.A new world-leading consumer health company. Shaped by all who join us. Together, we’re improving everyday health for billions of people. By growing and innovating our global portfolio of category-leading brands – including Sensodyne, Panadol, Advil, Voltaren, Theraflu, Otrivin, and Centrum – through a unique combination of deep human understanding and trusted science. What’s more, we’re achieving it in a company that we’re in control of. In an environment that we’re co-creating. And a culture that’s uniquely ours. Care to join us. It isn’t a question.
With category leading brands such as Sensodyne, Voltaren and Centrum, built on trusted science and human understanding, and combined with our passion, knowledge and expertise, we’re uniquely placed to do this and to grow a strong, successful business.
This is an exciting time to join us and help shape the future. It’s an opportunity to be part of something special.
About the role
ThePrincipal OT Security Architectis a critical role in the Digital and Tech Information Security organization supporting our OT Manufacturing sites to maintain the highest level of service availability and keep our network security levels ahead of our business demands, while pushing for more standardization through automation. The Principal OT Security Architect will assess, improve, and maintain the network security of the global manufacturing Operations Technology (OT) environment, and build new processes & procedures and develop guidelines for the business to adhere to. The Principal OT Security Architect will assess, improve, and maintain the cybersecurity posture of Global Manufacturing Operational Technology (OT) environment including Industrial Control Systems (ICS), Factory Automation systems and others as needed. Additionally, will be a subject matter expert (SME) in delivering controls to mitigate both insider and external risks. security risks.
Role Responsibilities
Lead all aspects of architectural activities for a technology domain, or architectural practice area, or manage the development of solution architectures for projects or programs within a business area.
Define standards and direction of architecture in the specific business or technical domain. Define and develop the logical design and information management strategies vital to store, move and manage data in a new target state.
Create architecture patterns to suggest the most adequate utilization of technical platforms in support of the holistic solution architecture design.
Define, build, and evolve the Architecture Governance Framework (e.g., architecture methods, practices and standards) for IT/IOT/OT.
Define, design, apply and support security controls to OT systems in our sites and own and define the architectural security standards for OT. The candidate will lead a team of domain specialists on this matter.
Analyzes, designs, and develops roadmaps and implementation plans based upon a current vs future state.
Develop and implement measures, tools, and technology to monitor compliance with company security policies and procedures, laws and regulations.
Leads the research and analysis of new security trends relating to OT security network.
Manages relationships with engineering teams and collaborates with teams across the organization to ensure network security levels are maintained at the highest level.
Explores raw network traffic & performs in-depth data analysis utilizing various tools.
Create useful and creative data queries & relevant dashboards and reports to key stakeholders.
Initiation, Prioritization, and design of R&D work based on customer needs.
Optimize operational excellence and ensure best practices for security are followed.
Claroty, Palo NGFW, and Zsclaler solution design, operation, and reporting.
Serve as a key thought leader, helping to maximize the value of Information Security and IT.
Define and monitor metrics to assess the overall value/maturity of cybersecurity investments.
Serve on various forums (e.g., Information Security / OT Lead Teams) to analyze projects, programs, and products to ensure they are technological sound, will do no harm, and will deliver the expected outcomes.
Recognize the value of emerging technologies and practices with intent to accelerate cybersecurity capabilities for manufacturing and lab environments.
Develop and implement measures, tools, and technology to monitor compliance with company security policies and procedures, laws, and regulations.
Perform testing against ICS/OT devices, networks, and security control mechanisms.
Provides leadership, technology guidance, collaboration and mentoring of key stakeholders and teams; develops and motivates to create a positive culture and working environment
Basic Qualifications:
Bachelor’s degree in computer engineering, Electrical Engineering, Computer Science, or a related technical field
5+ years of IT and Operational Technology Security experience with a focus on working with Industrial control system cybersecurity frameworks, such as IEC62443, NIST (CSF) Cyber Security, and SANS CIS control frameworks.
Expertise on developing OT security programs and securing OT security network architectures.
Solid foundation in laboratory / ICS support which was build up with IT topics like network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and other general IT knowledge.
Fundamental knowledge in IT-Security threat modelling, vulnerability assessments and pen-testing.
Experienced in the use of tools for incident investigations, simulation, and forensics - GxP regulations.
Ability to present technical design proposals and reports to customers and/or other senior engineering, management, and government groups in clear, complete, concise, and non–ambiguous terms.
Excellent presentation, written and verbal communication skills; ability to clearly communicate and have excellent consulting skills.
Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.
Sound knowledge on Industrial Control Systems ICS environment including design, protocols, and integration (OT 4.0 experience)
Firewall, Next Gen Firewalls, and security network subject matter expert (SME).
Preferred Qualifications:
CISSP, GICSP, CISM or CFSE/CFSP certification preferred.
CCIE or CCNP certification desired
Claroty, Zscaler, and Azure experience desired
Add role preferred qualification bullets
Open-minded, flexible, and thrive in a highly dynamic, fast-paced, ever-changing environment.
Exposure of onsite travelling, site audit/security audit would be plus.
Excellent communication skills, oral and written. Fluent language skills in English
Embrace Flexibility with Haleon
Location:This exciting opportunity offers a flexible hybrid work arrangement, allowing you to contribute from our Weybridge and London offices as needed.
We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.
Please save a copy of the job description, as this may be helpful to refer to once the advert closes.
#Li-Hybrid
Care to join us. Find out what life at Haleon is really like www.haleon.com/careers/
At Haleon we embrace our diverse workforce by creating an inclusive environment that celebrates our unique perspectives, generates curiosity to create unmatched understanding of each other, and promotes fair and equitable outcomes for everyone. We're striving to create a climate where we celebrate our diversity in all forms by treating each other with respect, listening to different viewpoints, supporting our communities, and creating a workplace where your authentic self belongs and thrives. We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.
As you apply, we will ask you to share some personal information, which is entirely voluntary. We want to have an opportunity to consider a diverse pool of qualified candidates and this information will assist us in meeting that objective and in understanding how well we are doing against our inclusion and diversity ambitions. We would really appreciate it if you could take a few moments to complete it. Rest assured, Hiring Managers do not have access to this information and we will treat your information confidentially.
Haleon is an Equal Opportunity Employer. All qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, Haleon may be required to capture and report expenses Haleon incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure Haleon’s compliance to all federal and state US Transparency requirements.
