Dematic Senior Cyber Security Architect in Any Location, United States
Dematic is an intralogistics innovator that designs, builds and supports intelligent, automated solutions for manufacturing, warehouse and distribution environments for customers that are powering the future of commerce. With engineering centers, manufacturing facilities and service centers located in more than 25 countries, the Dematic global network of 10,000 employees has helped achieve more than 6,000 worldwide customer installations for some of the world’s leading brands. Headquartered in Atlanta, Dematic is a member of KION Group, one of the global leaders in industrial trucks and supply chain solutions, and a leading provider of warehouse automation.
This role resides within Dematic’s Global Products and Solutions organization (GPS). Solutions include supply chain innovations such as robotic mixed case palletizing, micro-fulfillment centers, autonomous mobile robot solutions, high density buffer storage and overhead systems.
This role will provide technical leadership to ensure that Dematic customer offerings are secure by design and protect customers’ supply chain operations. The scope of this role is system-wide security for Dematic products and solutions. The scope covers both Information Technology (IT) security and Operational Technology (OT) security and includes warehouse automation equipment, machine controls, software and networks. Dematic software resides both on-premise in customer environments and in the cloud. This role will collaborate closely with stakeholders in product management, R&D, customer service, IT and region teams to ensure security requirements for Dematic products are satisfied.
This is a key leadership role that will directly influence growth and profitability for Dematic. This is an exciting opportunity to join Dematic. If you are passionate about leading change and creating the future in a rapidly growing industry this role is for you!
• Define requirements and design standards to protect Dematic products and solutions from security threats and for mitigating the impacts of these threats. Ensure that these standards are implemented in Dematic system development programs.
• Define reference network architectures based on industry best practices to promote IT and OT security.
• Define requirements for an OT cybersecurity platform to include in Dematic offerings and drive vendor technology assessments for this platform.
• Define requirements and design approach for integrating the OT cybersecurity platform with customers’ SOC and SIEM platforms.
• Define procedures for vulnerability scanning and penetration testing and mitigating issues found from this testing.
• Drive DevSecOps mindset in Dematic’s systems and software development lifecycle processes.
• Lead security technical design reviews.
• Lead ISO 27001 certification for Dematic products.
Bachelor's Degree in Computer Science, Information Security, Cyber Security or related fields. Master’s or PhD degree preferred.
5+ years of technical experience in the cybersecurity field.
Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
Relevant National Institute of Standards and Technology (NIST) standards, NIST800. A system that is not in compliance with the standards set by NIST, along with ISO2700X series, GLBA, FFIEC, COBIT and COSO (below), will lack both compliance and adequate security architecture.
Industrial control cybersecurity experience.
Strong foundation and in-depth technical knowledge of security engineering, computer and network security, authentication, and security controls.
Strong experience and in-depth knowledge of security standards and best practices (OWASP, SANS 25, et.) as it relates to cloud, web and mobile applications.
Strong knowledge of core information security principles and concepts (including TLS, secure HTTP and MQTT, OAuth/OAuth2) including virtualization technologies
Experience with (network) security tools such as Snort, Nessus, Metasploit, Burp Suite, Nexpose and Core Impact.
Requisition ID: 2021-15165
Job Time: Full-Time
Experience Level: Senior Level
External Company URL: http://www.dematic.com