Principal OT Security Architect - UK

Hello. We’re Haleon. A new world-leading consumer health company. Shaped by all who join us. Together, we’re improving everyday health for billions of people. By growing and innovating our global portfolio of category-leading brands – including Sensodyne, Panadol, Advil, Voltaren, Theraflu, Otrivin, and Centrum – through a unique combination of deep human understanding and trusted science.

This is an exciting time to join us and help shape the future. It’s an opportunity to be part of something special.

About the role

The Principal OT Security Architect is a critical role in the Digital and Tech Information Security organization supporting our OT Manufacturing sites to maintain the highest level of service availability and keep our network security levels ahead of our business demands, while pushing for more standardization through automation. The Principal OT Security Architect will assess, improve, and maintain the network security of the global manufacturing Operations Technology (OT) environment, and build new processes & procedures and develop guidelines for the business to adhere to. Additionally, will be a subject matter expert (SME) in delivering controls to mitigate both insider and external risks.

Role Responsibilities

• Lead all aspects of architectural activities for a technology domain, or architectural practice area, or manage the development of solution architectures for projects or programs within a business area.
• Define standards and direction of architecture in the specific business or technical domain.
• Define and develop the logical design and information management strategies vital to store, move and manage data in a new target state.
• Create architecture patterns to suggest the most adequate utilization of technical platforms in support of the holistic solution architecture design.
• Define, build, and evolve the Architecture Governance Framework (e.g., architecture methods, practices and standards) for IT/IOT/OT.
• Define, design, apply and support security controls to OT systems in our sites and own and define the architectural security standards for OT.
• Analyze, design, and develop roadmaps and implementation plans based upon a current vs future state.
• Develop and implement measures, tools, and technology to monitor compliance with company security policies and procedures, laws and regulations.
• Lead the research and analysis of new security trends relating to OT security network.
• Manage relationships with engineering teams and collaborate with teams across the organization to ensure network security levels are maintained at the highest level.
• Explore raw network traffic & perform in-depth data analysis utilizing various tools.
• Create useful and creative data queries & relevant dashboards and reports to key stakeholders.
• Initiate, prioritize, and design R&D work based on customer needs.
• Optimize operational excellence and ensure best practices for security are followed.
• Serve as a key thought leader, helping to maximize the value of Information Security and IT.
• Define and monitor metrics to assess the overall value/maturity of cybersecurity investments.
• Serve on various forums (e.g., Information Security / OT Lead Teams) to analyze projects, programs, and products to ensure they are technologically sound, will do no harm, and will deliver the expected outcomes.
• Recognize the value of emerging technologies and practices with intent to accelerate cybersecurity capabilities for manufacturing and lab environments.
• Perform testing against ICS/OT devices, networks, and security control mechanisms.
• Provide leadership, technology guidance, collaboration and mentoring of key stakeholders and teams; develop and motivate to create a positive culture and working environment.

Basic Qualifications:

• Bachelor’s degree in computer engineering, Electrical Engineering, Computer Science, or a related technical field.
• 5+ years of IT and Operational Technology Security experience with a focus on working with Industrial control system cybersecurity frameworks, such as IEC62443, NIST (CSF) Cyber Security, and SANS CIS control frameworks.
• Expertise on developing OT security programs and securing OT security network architectures.
• Solid foundation in laboratory / ICS support which was built up with IT topics like network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and other general IT knowledge.
• Fundamental knowledge in IT-Security threat modelling, vulnerability assessments and pen-testing.
• Experienced in the use of tools for incident investigations, simulation, and forensics - GxP regulations.
• Ability to present technical design proposals and reports to customers and/or other senior engineering, management, and government groups in clear, complete, concise, and non–ambiguous terms.
• Excellent presentation, written and verbal communication skills; ability to clearly communicate and have excellent consulting skills.
• Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.
• Sound knowledge on Industrial Control Systems ICS environment including design, protocols, and integration (OT 4.0 experience).
• Firewall, Next Gen Firewalls, and security network subject matter expert (SME).

Preferred Qualifications:

• CISSP, GICSP, CISM or CFSE/CFSP certification preferred.
• Claroty, Zscaler, and Azure experience desired.
• Open-minded, flexible, and thrive in a highly dynamic, fast-paced, ever-changing environment.
• Exposure of onsite travelling, site audit/security audit would be a plus.
• Excellent communication skills, oral and written.
• Fluent language skills in English.

Embrace Flexibility with Haleon

This exciting opportunity offers a flexible hybrid work arrangement, allowing you to contribute from our Weybridge and London offices as needed. We believe in an agile working culture for all our roles.

Haleon is an Equal Opportunity Employer. All qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.