OT - Cyber Security Engineer

About Us

As a leading provider of high-quality food and beverage ingredients, we work with farming communities across the globe to grow, source and produce ingredients that are good for consumers, farmers, and the world around us. We supply household food brands and manufacturers worldwide with cocoa, coffee, dairy, nuts and spices ingredients which are often grown on our own farms and estates and sourced from hundreds of thousands of farmers across ~50 countries. Along with our diverse manufacturing and innovation capabilities, this means we can provide ingredients for a range of products, from a plant-based latte mix to an almond based snack bar or a dairy-free ice cream. Making a positive impact on people and planet is a core component of our Purpose, to be the change for good food and a healthy future. With a deep-rooted presence in the countries where our ingredients are grown, we are closer to farmers, enabling better quality, and more reliable, traceable, and transparent supply. And whoever we’re with, whatever we’re doing, we always make it real.

About the function: Digital & Information Technology

Given the carve-out and the new strategic journey, ofi is focusing on areas that accelerate growth through innovation strategy. Along these lines, the IT function is looking forward to driving the next wave of value creation that can have a tangible positive impact on the organization as well as our partners including farmers, suppliers, customers and communities.

Overview of the role

This role is part of the Cyber security team, and responsible for ensuring the design, implementation and ongoing management of security technical controls across OT systems, network and integration.

Key Responsibilities

• Risk Assessment and Management - conducting thorough risk assessments to identify vulnerabilities in industrial control systems (ICS) and other OT assets. Evaluate the potential impact of threats and develop strategies to mitigate risks. This includes performing regular security audits, vulnerability scans, and penetration testing to ascertain the resilience of the systems. Supporting on Site assessments of IT/OT and opportunities for improvement.
• Assessments - Lead OT cybersecurity assessments, including design reviews, network topology reviews, and mapping data flows.
• Security Policy Development – supporting the Director of OT security to create, implement and maintain security and architecture policies and procedures, delivering a secure by design methodology Collaborating with various stakeholders, including IT and operations teams, to formulate robust security frameworks that address potential threats and vulnerabilities.
• System Design – supporting the Site managers, Digital operations team, network Lead and OT Security Director to design definitions, review and validate new systems and improve existing.
• Implementation of controls - implement and manage security controls to protect critical systems. Including deploying firewalls, intrusion detection/prevention systems (IDS/IPS), remote management software, and other security technologies designed to prevent unauthorized access and detect malicious activities. They also configure network segmentation to limit the exposure of sensitive OT assets.
• Incident response and recovery - In the event of a security incident, you will coordinate response efforts. Develop and maintain incident response plans that outline procedures for detecting, analyzing, and responding to security breaches. Post the incident you will lead on root cause analysis.
• Security Awareness and Training – Work with the Governance, Risk and Compliance teams to develop appropriate training specifically for those who work within OT environments, ensuring they understand what is required.
• Stakeholder management – work with multiple senior stakeholders at Plants, including site management, internal IT teams and service providers. Collaborate to implement, maintain and monitor security protocols across sites and bridge any gaps between IT and the unique OT system requirements.
• Vendor management – Support the Director of OT security to management vendors, including, relationship management, evaluation of vendor products and services, negotiating contracts and ensuring vendors are meeting contractual requirements.
• System Integration - Integrate security solutions with existing OT systems. Ensure that new technologies are compatible with legacy systems and do not disrupt operations. Must have a deep understanding of both the technical and operational aspects of the OT networks and infrastructure.
• Reporting and Metrics - establish performance metrics to measure the effectiveness of security controls. Generate regular reports that detail security incidents, risk assessments, and overall system resilience. Continuous monitor the effectiveness of controls and report back to stakeholders.

Qualification & other requirements

• University or College degree in Engineering, Information Technology, Cyber Security, or related field.
• At least 5 years of hands-on operational experience in cyber security with increasing responsibility, including managing teams and vendor relationships.
• Hands-on experience with OT/ICS critical infrastructure in industries like CPG, Pharmaceuticals, or ONGC preferred.
• Experience in several security architecture domains (IAM, Software Development, Networking, Mobility, Information Protection).
• Professional qualifications – CISSP, ISSAP, CISM etc.
• Deep understanding of IT / OT systems, Process layer, networking and cyber security principles, with strong analytical skills and well as the ability to think critically and creatively to identify and address potential issues.
• Hands-on experience with security technologies, such as firewall, SIEM, SOAR, Identity and access management etc.
• Excellent communication and collaboration skills to manage and maintain stakeholder relationships. Understanding, of OT/ICS infrastructure in Food and Beverage or similar industries
• Proficiency in OT/ICS network design and building network architecture drawings.
• Ability to influence and communicate effectively at all levels.
• Knowledge of techniques and tools for effective analysis and problem resolution.
• Clear and concise communication skills, both orally and in writing

ofi is an equal opportunity employer and values diversity. All qualified applicants will receive consideration for employment without regard to racial or ethnic origin, color, age, religion or belief, sex, nationality, disability, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by applicable law.

Applicants are requested to complete all required steps in the application process including providing a resume/CV in order to be considered for open roles.