- Company Name
- The Planet Group
- Job Title
- Information Technology Security Manager
- Job Description
-
**Job Title:** Information Technology Security Manager – Operational Technology (OT)
**Role Summary:**
Lead the development, implementation, and governance of the OT security operating model for a global manufacturing organization. Ensure OT/ICS environments are protected against downtime, safety incidents, and regulatory non‑compliance by managing risk, controls, monitoring, and incident response while collaborating with engineering, operations, and IT stakeholders.
**Expectations:**
- Establish and maintain OT security policies, standards, and procedures aligned with industrial and regulatory frameworks.
- Drive risk‑based oversight, asset management, vulnerability handling, and network segmentation for manufacturing systems.
- Integrate OT monitoring with the central SOC, develop detection playbooks, and ensure incident readiness.
- Support compliance evidence generation for defence and corporate standards (e.g., DEFCON, CMMC).
- Provide security guidance for architecture changes and mentor the OT security team.
**Key Responsibilities:**
- Define OT security operating model (RACI, escalation paths) with engineering and operations.
- Create and manage OT risk register and site‑level risk documentation.
- Build and maintain OT asset inventories, classification, and criticality mappings.
- Execute OT‑specific vulnerability management, including safe patching and compensating controls.
- Implement IT/OT network segmentation, access controls, and remote‑access policies.
- Supply security input to architecture and change governance processes.
- Integrate OT telemetry into SOC/SIEM, develop detections, runbooks, and conduct tabletop exercises.
- Establish OT backup, recovery, and resilience expectations for critical systems.
- Assist with defence and corporate compliance (DEFCON, CSM, CE+, CMMC) by implementing controls and preparing evidence.
- Perform OT‑focused control checks and coordinate with IT GRC/PMO on assurance activities.
- Produce clear, stakeholder‑friendly OT security documentation and communications.
- Mentor and develop team members to meet individual and collective objectives.
**Required Skills:**
- Proven OT/ICS cyber‑security management experience.
- Deep knowledge of security frameworks (e.g., IEC 62443, NIST 800‑82) and ability to translate them into practical OT controls.
- Strong stakeholder management across engineering, operations, and IT.
- Excellent analytical, problem‑solving, and decision‑making abilities.
- Vendor management and delivery oversight.
- Superior written and verbal communication, with experience drafting technical and procedural documentation.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, Engineering, or a related discipline.
- Relevant security certifications (e.g., CISSP, CISM, GICSP, CEH) preferred but not mandatory.
- Additional certifications or training in OT/ICS security standards (IEC 62443, NIST 800‑82) advantageous.