Senior Staff Information Security Engineer

• Applies broad expertise and knowledge in highly specialized fields or several related disciplines to provide solutions to unique issues in creative and effective ways.
• Leads and contributes to the development of company objectives and principles to achieve goals in creative and effective ways.
• Works on highly complex assignments where problem solving requires conceptual thinking and an evaluation of enigmatic components.
• Accountable for results which may impact the entire function.
• Creates formal networks with key decision makers and recognized as a thought leader to several diverse stakeholders.
• Conveys advanced information which requires persuasion and a deep understanding of the business.
• May direct the activities of others.
• Acts independently to determine methods and procedures on new or special assignments.
• Exercises independent judgment in methods, techniques, and evaluation criteria for obtaining results.

• Assists in the execution of the Information Security Program, Data Governance practices, and Privacy assurance
• Assists with role-based access control (RBAC) program.
• Analyzes risk of existing network and system architectures against correlating policies and risks, and provides technical input for appropriate remediation or action plans
• Participates in the following and enforcement of ongoing practices and procedures, technical documentation, and diagrams for appropriate security measure maturity and effectiveness
• Coordinates with team members and other technical departments, ensuring proper communication of the overall success of project tasks and dependencies
• Executes effective monitoring and actionable Information Security reporting across the InfoSec technical landscape
• Executes as a reliable second line-of-defense via documented processes, controls, templates, and rigors
• Practices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements (i.e., PCI-DSS, SOX, GDPR, CCPA)
• Actively provides technical expertise for both Information Security and stakeholder teams for timely and effective delivery of enterprise-wide cybersecurity-based technology design, implementation, deployment, and support
• Provides consulting on best practices to internal customers to ensure processes are embedded at the correct time and frequency and to ensure compliance to security standards
• Provide technical control evidence for audits, evaluate existing tool effectiveness, and collaborates to deploy and support solutions to enhance the companys security posture
• Build collaborative partnerships with manufacturing business unit departments and leaders to create alignment on security strategy advancement
• Demonstrate consistent goal deliverable performance, ability to embrace and accommodate business and technical challenges, maintain time-based commitments, and deliver results within reasonable expectations

• Minimum 5-8 years experience implementing and supporting Information Security enterprise-level tools with track record of creating enterprise-wide scalable solutions based on industry standard security concepts, technical controls, and best practice frameworks
• Minimum 4 years in a senior engineering role with experience identifying technical and procedural gaps across security focused solutions and processes
• Minimum 4 years' experience in implementing role-based access controls (RBAC) in a large enterprise environment.
• Advanced degree in automation, robotics, mechatronics, electronic engineering, or manufacturing security disciplines
• OT/ICS system knowledge and experience (SCADA, DCS, PLC, EMS, etc.)
• Experience in evidence validation for OT frameworks (e.g., IEC ISA 99/62443, NIST SP 800-82, etc.)
• ICS protocols and technology hands-on expertise (Rockwell, Siemens, Schneider Electric, etc.)
• Expert-level knowledge and experience managing network and security devices (i.e., Firewalls, IDS/IPS, SIEMs, AV\Malware sandboxes, VPN's, vulnerability scanning tools, network taps, etc.)
• Ability to proactively collaborate by sharing information, managing knowledge across many technology domains, and championing solutions for broad adoption to improve security posture
• Strong oral and written communication skills, with a focus on technical document and diagrams
• Proven participation and advancement with team goals, projects, and work efficiency showing drive to achieve results
• A self-starter with a hands-on style, high level of energy, stamina, drive, and commendable organization and time management skills

• Bachelors degree in Information Systems, Computer Science, Information Security, and/or related work experience
• Professional qualifications are preferred: CISSP, GISCP, GSEC, SANS, GIAC, or similar

• Typically requires a minimum of 12 years of related experience with a Bachelors degree; or 8 years and a Masters degree; or a PhD with 5 years of experience; or equivalent experience.

Leading-Biotechnology-Company