Security Consultant

Ref No. EMP430605
Location Brentford, England
Start date ASAP
Job type Contract (12 Months )
Job Status Closed
You can not apply for this job as its status is Closed.
  • Share:


A well-known Pharmaceutical organisation is requiring an experienced Security Specialist to support the design/build and delivery of a Security Internal Control Framework within an automation environment.


Security Consultant

The Job

A well-known Pharmaceutical organisation is requiring an experienced Security Specialist to support the design/build and delivery of a Security Internal Control Framework within an automation environment.

The Senior Operational Technology (OT) Security Specialist is a senior member of the GMS OT Security team focused on GMS manufacturing automation systems. The role is accountable for defining, developing, assessing, approving and delivering complex and innovative solutions to reduce OT Cyber security related risks across GMS, which may inhibit the organisations manufacturing operations, resulting in safety, quality, financial or reputation impact.

This person will act as a Subject Matter Expert for the technology & processes related to OT Cyber Security, will ensure that good security practices are embedded across GMS manufacturing sites (currently circa 70 sites), make recommendations for improvement / oversight and set the direction of the OT security strategy.

Key Responsibilities

Strategy & Standards
* Act as the technical authority, develop or contribute to cyber training, processes and standards for manufacturing automation systems
* Develop in depth knowledge of the organisations technology, systems and processes deployed to protect our manufacturing automation systems from cyber security threats
* Analyze, design and document reference architectures for manufacturing automation system deployed across GMS aligned to industry standards and best practices to reduce the risk and impact of cyber security incidents
* Work with key vendors to ensure vulnerabilities & threats are risk assessed and develop appropriate mitigation activities where required
* Define standards, review and approve firewall rules to facilitate integrated with IT & MES systems whilst maximizing protection of the automation systems hosted on the OT network infrastructure
* Work with the sites to ensure that any cyber security incidents and alerts are responded to and completed with the appropriate sense of urgency to ensure that cyber security risks are minimized
* Work throughout the GMS network to define logging, alerting, patching processes to identify, reduce and mitigate cyber security risks and vulnerabilities
* Assist sites in auditing that OT cyber security procedures are in place and in use
* Work with the sites to develop CAPA for any cyber security related findings
* Support the sites in recovery from cyber security incidents and investigations

* Work with the sites to capture & maintain a comprehensive OT asset inventory of all automation manufacturing systems and devices
* Work with sites and GMS Tech groups to define, implement and test system specific firewall rules related to OT systems
* Work with sites to ensure that automation systems are protected with the appropriate level of cyber security protection and security controls based on a defense in depth principles
* Work with GMS Tech groups to deliver the required secure network infrastructure and segmentation based on recommended reference architectures and industry standards
* Work with sites to ensure alignment with direction of strategic OT security solutions such as secure remote access, network segmentation and OT access management (workflow, OT Active Directory, password management)
* Work with sites and GSK Tech to ensure that the appropriate cyber security and system monitoring tools are in place and in use
Technology SME
* Technical authority or SME on GSK OT architecture and infrastructure with broad general knowledge on IT applications and infrastructure with specific knowledge on several of the following:
- IT Networks (switches, routing, firewalls)
- Firewall rules, logging, monitoring, IDS/IPS and troubleshooting (Checkpoint & Palo Alto)
- Microsoft Active Directory
- Enabling services (e.g NTP, SMTP, patching, AntiVirus)
- System integration technologies (OPC, XML, middleware)
- Database knowledge (SQL, Oracle, data warehousing, architecture)
- Current and legacy operating systems (Microsoft Server, Microsoft Clients, Linux)
- Server infrastructure (VMWare ESXi, storage)
* Technical authority or SME on manufacturing automation systems, device and applications with specific knowledge on several of the following
- Specific knowledge on control systems from a wide range of vendors (PLC, DCS, SCADA)
- Manufacturing Execution Systems (Data historians, EBR, OEE, SAP)
- ISA Standards (ISA 99/IEC62443, S95, S88)
- Communication networks and protocols (Serial, Profibus, Ethernet)

Knowledge/ Education / Previous Experience Required:
* Preferred Level of Education Degree (BSc/BEng/MSc equivalent)
* Specialist training in OT Cyber Security (e.g. IEC62433)
* In depth expert knowledge of diverse range of manufacturing automation systems
* 10+ years manufacturing automation experience with several years in technical roles with exposure to IT infrastructure and Cyber Security risk reduction
* Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization - Scope and scale of challenge necessitates a leader with the right proven experience, strategic thinking and execution capabilities. Credibility (through experience) is essential to success in this role.
* Broad knowledge and practical experience of computer and application validation (preferably using GAMP methodology), cGMPs, and 21 CFR Part 11 in an FDA regulated environment
* Working knowledge and understanding of current Good Manufacturing Practices including Good Documentation Practices

Contract for an initial 12 months paying in the region of £675 per day LTD.

Networkers acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers and is part of Gattaca Plc.

Gattaca Plc provides support services to Networkers and may assist with processing your application.

You can not apply for this job as its status is Closed.
  • Share:


Related jobs


Related articles

Back to top