Cybersecurity Process Control Principal
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Wilmington, DE 19806
Cybersecurity Process Control Principal
At Chemours, our purpose is to help create a colorful, capable and cleaner world through the power of chemistry!
The Chemours Company headquartered in Wilmington, DE has a Cybersecurity Process Control Principal position available in Wilmington, DE. This is a highly visible, key role within the Company and the Information Technology function. This position will report to Chief Information Security Officer.
The responsibilities of the position include, but are not limited to, the following:
- Lead all Cybersecurity efforts within the Chemours Process Control, Industrial Control and Operational Technology manufacturing environments
- Develop strategies to converge IT with Operational Technology (OT) while ensuring the integrity of the manufacturing ecosystem
- Be an agent of change by consistently networking with industry peers externally and research new technical concepts to secure our process control environment by seeking innovative ideas that can be introduced into the Chemours Industrial Control Systems (ICS) infrastructure
- Able to manage vulnerabilities and Risk in the Chemours Operational Technology by working with vendors and plant operations to ensure reduction in the attack surface
- Ensure all interfaces between the industrial network and other networks are clearly defined, documented and adhere to relevant standards
- Provides overall project management for ICS cyber projects
- Responsible for ensuring Compliance and Risk are addressed and audited per defined frequencies, including applicable laws and regulations
- Ensure Policies and Standards adequately address ICS risk and align with Information Technology
- Manage ICS vendor and contractor relations across all cybersecurity domains
- Refine roles and role based training for ICS community
- Travel may be required, up to 25%
In order to be qualified for this role, you /must possess/ the following:
- Bachelor’s Degree in Computer Science/Electrical Engineering or “STEM” Majors (Science, Technology, Engineering, and Math)
- 8-10 years in combined work experience from both IT and industrial control disciplines including 5-8 years of experience in at least two architecture or engineering disciplines within an enterprise scale environment (such as Control Systems Engineering, Mechanical Engineering, Electrical Engineering and Cyber Security)
- Ability to implement security tools, standards and processes across the following: Industrial Control Systems, Smart IoT devices and systems, Autonomous systems, Programmable Logic Controllers (PLC), Machine to machine (M2M) communications, Cloud initiatives that enable smart IoT solutions, Threat modeling practices for OT/IoT enablement, Network, access and data segmentation
- Proven ability to actually implement cyber security governance standards, such as the NIST Cybersecurity Framework or ISO 27000 series beyond theoretical constructs
- Experience in day-to-day run and maintain activities, including anti-virus software management, system patching, back-up and restore, asset inventory management and intrusion detection monitoring
- Experience in change and configuration management for industrial control systems
- Experience in industrial network and infrastructure design, including network domain segregation concepts
- Technical background in the areas of industrial control systems, process control networks, SCADA or other industrial automation
The following skill sets are /preferred/ by the business unit:
- Certifications with corresponding experience will be used as a differentiator: GICSP, CISSP-ISSEP, CISA, Citrix, GSEC
- Experience in delivering guidance to plant personnel on ICS security awareness
- Ability to create detailed engineering-level documentation of industrial components, systems and applications in the ICS network
- Knowledge of and hands-on experience using various penetration testing methodology and tools like Nessus, Web Inspect, Nmap (Slow Scans, Service detection, OS detection, namp Scripts)
- Thorough knowledge and understanding of ITAR regulations
- Proven experience in forging strong business partnerships
- Active listening and excellent written and verbal communication skills
- Excellent leadership skills and teamwork skills
- Results oriented, high energy, self-motivated
Chemours is an equal opportunity employer.
Chemours is an E-Verify employer.
Candidates must be able to perform all duties listed with or without accommodation.
Immigration sponsorship (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status) is not currently available for this position.
In the spirit of customer centricity, refreshing simplicity, collective entrepreneurship, safety obsession, and unshakable integrity we are the home of some of the world’s greatest brands and greatest employees! Learn how you could be a catalyst for change at Chemours.