Director - Operational Technology (OT) Cybersecurity
US - GA - Atlanta
Full Time Executive-level / Director USD 159K - 184K
The Coca-Cola Company
We are here to refresh the world and make a difference. Learn more about the Coca-Cola Company, our brands, and how we strive to do business the right way.Location(s):
United States of AmericaCity/Cities:
AtlantaTravel Required:
00% - 25%Relocation Provided:
NoJob Posting End Date:
April 25, 2024Shift:
Job Description Summary:
The Director - Operational Technology (OT) Cybersecurity will be part of the Global Cybersecurity function and play a key role in supporting the development of a global, company-wide manufacturing cyber security program. This will include defining the strategic direction of the manufacturing cybersecurity program and driving the operational deployment of industrial controls systems cybersecurity solutions across multiple Coca-Cola Company manufacturing functions (Concentrate Product Supply, Flavor Manufacturing and North America Operating Unit facilities). The role will be responsible for defining and deploying control systems architecture, tools, processes, and people into a more mature, defensible posture and improve the Coca-Cola Company’s ability to detect, respond and recover from cyber threats and vulnerabilities in its manufacturing sites.
Function Related Activities/Key Responsibilities:
- Define manufacturing cyber security program objectives and scope; lead program governance activities, including oversight of program policies, metrics, and reporting.
- Lead collaboration with IT, Supply Chain, and manufacturing teams to support manufacturing cybersecurity initiatives.
- Develop and maintain Coca-Cola’s Industrial Controls Systems (ICS)/Operational Technology (OT) Security Standard and Risk Assessment process. Create and maintain a library of process documents, RACIs, procedures, guidelines, etc. in support of the manufacturing cyber security program and its various workstreams.
- Ensure consistent implementation of ICS/OT cyber security standards and requirements across global Coca-Cola manufacturing sites. Monitor and measure progress in achieving optimal alignment with objectives.
- Cultivate ICS/OT acumen within cyber security professionals and cyber security acumen within manufacturing professionals.
- In collaboration with stakeholder groups, develop and oversee deployment of ICS/OT-appropriate controls including: access control, asset inventory tools, network and asset monitoring, vulnerability and patch management, risk management, local and remote vendor connectivity, procurement/3rd party & vendor management, security, awareness/training, data protection, business continuity/disaster recovery, and asset decommissioning.
Education Requirements:
- Bachelor’s Degree in Appropriate Field Required (i.e., Information Systems, Computer Science, Cyber Security).
- Relevant industry certification strongly preferred – GISCP, CISA, CRISC, CISSP and/or CISM.
Related Work Experience:
- Minimum 5 years' experience in cyber security.
- Experience working with cyber security frameworks including NIST, NIST 800-53, and IEC 62443.
- Previous experience in project management, must have worked in building a program or workstream from a broader vision.
- Experience in or knowledge of industrial control systems/manufacturing engineering with focus on PLC and HMI systems.
- Experience managing people and/or teams.
Functional Skills:
- Strong ability to influence and communicate risk and urgency of security initiatives with a variety of stakeholders. Must be able to handle difficult conversations professionally, but effectively with internal and external parties.
- Mature project management and organizational skills. Ability to define and collaborate on a broad vision and refine that vision to build a program/project/initiative from the ground-up and maintain and measure success.
- Detailed oriented and well organized, ability to manage multiple initiatives while appropriately prioritizing work relative to risk and urgency.
- A firm understanding of information assurance principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation), IT supply chain security/risk management policies/requirements/procedures, and IT security principles and methods, such as firewalls, demilitarized zones, and encryption and network security architecture concepts including topology, protocols, components, and principles (i.e., application of Defense-in-Depth).
- Ability to define and document how current operational technology (i.e., PLCs, HMI, etc) systems impact the security posture of the current environment, and identify and communicate the protection needs (i.e., security controls) to further mitigate security.
- Ability to work as part of a virtual global team to collaborate across geographic and organizational boundaries to deliver better business results and share best practices across a global System.
Skills:
Pay Range:
$159,300 - $184,700Base pay offered may vary depending on geography, job-related knowledge, skills, and experience. A full range of medical, financial, and/or other benefits, dependent on the position, is offered.
Annual Incentive Reference Value Percentage:
30Annual Incentive reference value is a market-based competitive value for your role. It falls in the middle of the range for your role, indicating performance at target.
Our Purpose and Growth Culture:
We are taking deliberate action to nurture an inclusive culture that is grounded in our company purpose, to refresh the world and make a difference. We act with a growth mindset, take an expansive approach to what’s possible and believe in continuous learning to improve our business and ourselves. We focus on four key behaviors – curious, empowered, inclusive and agile – and value how we work as much as what we achieve. We believe that our culture is one of the reasons our company continues to thrive after 130+ years. Visit Our Purpose and Vision to learn more about these behaviors and how you can bring them to life in your next role at Coca-Cola.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class. When we collect your personal information as part of a job application or offer of employment, we do so in accordance with industry standards and best practices and in compliance with applicable privacy laws.Tags: Agile CISA CISM CISSP Compliance Computer Science CRISC Encryption Firewalls Governance ICS IEC 62443 Industrial Monitoring Network security NIST NIST 800-53 Privacy Risk assessment Risk management Vendor management Vulnerabilities
Perks/benefits: Career development Competitive pay Relocation support Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs