Operational Technology Security (Remote) Architect

Requisition Number: 59560

Corning is vital to progress – in the industries we help shape and in the world we share.

We invent life-changing technologies using materials science. Our scientific and manufacturing expertise, boundless curiosity, and commitment to purposeful invention place us at the center of the way the world interacts, works, learns, and lives.

Our sustained investment in research, development, and invention means we’re always ready to solve the toughest challenges alongside our customers.

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies. Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes. IT also delivers Information Technology applications, infrastructure, and project services in a cost efficient manner to Corning worldwide.

Scope of Position:

不安全架构师将联络元素een IT and OT and play an integral role providing guidance in designing, enhancing, and aiding with the implementation and support of the OT infrastructure, applications, and assets. The OT Security Architect will be an open minded, creative thinker, who can communicate effectively with engineers and other discipline areas of manufacturing (in-house and/or outsourced) to develop solutions by leveraging and enhancing existing technologies, processes, and policies and adjusting them to meet OT security needs without disruption and negative impact to the OT environment. They will educate and inform IT of the ideocracies of OT and why common IT architecture and security requirements may not apply to the OT landscape.

Responsibilities:

• The position requires experience in all aspects of operational technology including but not limited to knowledge of IIoT, PLCs, HMI, Industrial Networks, and Software used by the industry

• Support the OT Cybersecurity program

• Create, assess and/or review OT Cybersecurity policies and standards identifying gaps and/or areas of improvement

• Assess and review OT network architecture, identifying gaps and/or areas of improvement based on policies and standards and leading best practices

•不网络分割

• Reviewing and monitoring OT logs and events

• Providing efficient and robust methods for testing, triage, and risk mitigation during CI/CD workflow to minimize post-production “bolt-on” security fixes.

• Proactively analyzing existing platforms and applications for potential security vulnerabilities and/or improvement opportunities and proposing appropriate measures.

• Being empowered to coordinate and drive implementations in projects with regards to defense in depth, security by design and secure operations.

• Applying your understanding of the ISA99/IEC62443 Network Level Model and your past experience designing solutions which cross the boundaries of IT & OT.

• Having the ability to quickly get acquainted with new tools, technologies, and methods and having a comprehensive knowledge about platforms and security tools.

• Being already well networked within the world of OT and IT cyber security.

• Representing our corporate requirements, processes of our ISMS and the underlying implementation procedures in internal and external communities

• Understand the international standards involved in connecting OT technology including but not limited to network protocols, OPC-UA, ISA95/Purdue Model, ISA99, IEC/ISA 62443, or ICS/Operational technology standards and global regulatory requirements would also be desirable

• Strong understanding of OT networks, protocols, assets/devices, and engineering of those solutions

• Strong understanding of OT security, components, and challenges

• Strong understanding of key cyber security controls that should be implemented within OT environments

• Consult the clients on corporate standards for engineering, delivery, technology selection, and design

• Ability to create technical/security solutions and present to executive level

• Ability to engage at executive level for business case and solution sign-off

• Demonstrating sound judgement and decision making, and be able to credibly interact professionally at all levels across the organization

• Able to demonstrate a high degree of credibility and influence senior stakeholders within the organization and key external stakeholders

Education and Experience:

• Bachelor’s degree in Computer Science, Information Security, or Information Technology or comparable experience

• Cyber Security Certificates preferred or comparable experience and certifications: Certified Information Systems Security Professional (CISSP), Global Industrial Cyber Security Professional (GICSP) , GIAC Critical Infrastructure Protection (GCIP), GIAC Response and Industrial Defense (GRID), ISA/IEC 62443 Cyber Security Certificates , Cybersecurity Fundamentals Specialist (Certificate 1), Cybersecurity Risk Assessment Specialist (Certificate 2) , Cybersecurity Design Specialist (Certificate 3) , Cybersecurity Maintenance Specialist (Certificate 4), Cybersecurity Expert • Five-plus (5+) years of demonstrable knowledge and experience in OT Cybersecurity

• Demonstrable knowledge and experience with: incident identification and response in cloud-based architectures OT and IIOT process, components, protocols, systems, applications, and connectivity and OT integration/implementation of cybersecurity controls and cloud infrastructure process, standards, and implementation strategies of OT systems and environments delivering solutions with cross-functional teams using collaborative agile methodologies

Required Skills:

• Project management and delivery of solutions across OT environments

• Practical experience in delivery of controls, project management, design, or application of controls for manufacturing lines

• Ability to define and deliver services to internal and external customers, achieving excellent customer satisfaction

• Strong problem solving and conceptual thinking capabilities

• Excellent verbal and written communication skills

• Ability to create and work in virtual teams to solve business issues

Travel Requirement(Negligible)

这个角色能源部s not support immigration.

The range for this position is ($100,000 - $128, 000k).Starting pay for the successful applicant is dependent on a variety of job-related factors, including but not limited to geographic location, market demands, experience, training, and education. The benefits available for this position include medical, dental, vision, 401(k) plan, pension plan, life insurance coverage, disability benefits, and PTO.

We prohibit discrimination on the basis of race, color, gender, age, religion, national origin, sexual orientation, gender identity or expression, disability, veteran status or any other legally protected status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.