PURPOSE OF THE JOB

The Global OT Security Engineer is a critical member of the Owens Corning Global Information Services (GIS) Security team.  The OT Global Security Engineer is responsible for designing, implementing, and managing security technologies and controls focused on firewalls and the manufacturing landscape. This role plays a crucial part in securing operational technology (OT) environments across Owens Corning's global manufacturing operations. The OT Security Engineer will execute the manufacturing security roadmap and strategy, ensuring the protection of critical infrastructure and systems at scale.

 

The OT Global Security Engineer must be comfortable working at a varying pace, with multiple tasks and deadlines simultaneously, while being able to adjust priorities when needed. He/she must pass a thorough background check and be clear of any technology related crimes or violations of security policies.

 

Reports to:                        Director, GIS – Operational Technology Security and Infrastructure

Span of Control:               Individual Contributor

 

JOB RESPONSIBILITIES

 

Knowing Our Businesses and their Strategies

Create and manage conversations with key stakeholders that drive understanding, action, and follow-up of strategy Provide guidance and have knowledge of cyber security processes, solutions, and results Understand the strategic direction of the company’s businesses; execute functional strategies to support and enhance business results and be knowledgeable of the project work that supports this direction and implications to the business.

 

Executing Strategy

Infrastructure Security

Design, implement, and manage robust security technologies and controls, with a focus on firewalls, across OT environments in manufacturing facilities Oversee the configuration, management, and monitoring of large-scale firewall platform to ensure secure communication and prevent unauthorized access to OT systems. Design, deployment, and management of remote access solutions Ensure technical security controls are designed, implemented and managed to achieve their intended risk mitigation Execute the manufacturing security roadmap, aligning with the broader security strategy and ensuring the security of critical OT assets Implement and optimize technical security controls to prevent, detect, and respond to security threats in manufacturing systems and networks. Perform security assessments, identify gaps in existing security architecture, and recommend changes or improvements. Provide subject matter expertise in network security design, firewalls and intrusion detection/prevention systems Work closely with manufacturing teams, IT, and other business units to integrate and support security technologies across OT systems. Assist in OT-related security incident investigations, response, and remediation efforts to minimize downtime and safeguard operational systems. Continuously evaluate and enhance security technologies and controls in response to evolving threats and vulnerabilities in the OT landscape. Proactively assesses risk exposure in business operations as it relates to the technology and make recommendation to address and minimize those risks. Provide security guidance and oversight for processes and technology Participate in risk assessments for new technologies, and projects Document security requirements and controls for protecting information, systems, and technology assets.

 

Project Support

Be the security subject matter expert for projects on an as-needed basis to provide a viewpoint on risk and risk mitigations Work with security and infrastructure partners to support large scale projects Utilize Owens Corning’s project management tools to develop and implement security solutions which reduce risk or enhance Owens Corning’s security platforms Act as a Security Advisor to the GIS and Business groups along with tracking ongoing projects, integrations, deployments, decommission and technical guidance implementation of innovative technologies

 

Influencing in the Function

Summarize complex information into succinct reviews that are easy to read, interpret, and understand Demonstrate strong attention to detail to ensure integrity and accuracy Identify areas of waste (process, time, etc.) and ideate and execute action plans to create productivity Lead or participate in special projects that support the long-term strategic goals of the business and/or organization Identify opportunities to improve the effectiveness, value, and perception of the function

 

Developing Talent

Provide impactful peer-to-peer leadership to others, contributing to their development Invest in personal growth and development, clearly focused on self-learning Capture the value of continuous learning and ongoing development opportunities

 

 

JOB REQUIREMENTS

MINIMUM QUALIFICATIONS:

Bachelor's Degree required in Computer Science, Information Systems, Information Technology, or equivalent experience 5+ years of hands-on experience in information security technology with a strong background in security and networking In-depth technical knowledge of core networking, complex routing and security protocols, security technologies, firewalls and remote access solutions

 

EXPERIENCE

Operational Technology security knowledge is a plus. Hand-on experience implementing, maintaining and troubleshooting security and network technologies Solving complex security and network problems Hands on experience designing and managing core network infrastructure; switch & routers Experience creating and maintaining IPSEC tunnels, remote access solutions, web filtering, security, NAT and AV & threat policies. Experience managing large scale firewall platforms Knowledge of OT asset management and monitoring platforms Solid working knowledge of the function of authentication for security policies In-depth knowledge of security policy creation, best practices and optimization Knowledge to secure IoT and IIOT networks Understanding of central firewall management tools to administrator standard policies and automation Knowledge IaaS, PaaS, and SaaS implementations and offerings Working knowledge, experience, and solid understanding of major Infrastructure-as-a-Service cloud platforms Experience working with Secure Access Service Edge (SASE) and remote access solutions

 

 

KNOWLEDGE, SKILLS AND ABILITIES:

Knowledge of Purdue model, OSI model, ISO, ISA, NIST and IEC standards as applied to security Must know the difference between an essential security requirement and an ideal security practice and be able to communicate to leaders and stakeholders Competent in project management theory, knowledge, skills, tools, and techniques with the ability to successfully deliver large projects from concept to deployment  Experience creating communications in a variety of platforms, technologies, and methods. Ability to communicate and collaborate effectively with both IT and business partners to assess needs, propose technology solutions, and achieve business benefits. Proven ability to be successful within a global environment. Ability to understand, communicate with and effectively interact with people across cultures. Convey relevant information clearly with confidence. Understanding others through active listening. The ability to build trust, connections, and influence stakeholders. Organizational skills to handle multiple priorities and proven ability to execute and deliver results. Demonstrated the ability to synthesize high-level objectives within an ambiguous environment to align on a direction with clear objectives and goals. Experience in managing supplier relationships with confidence and presence Demonstrated experience leading resolution of advanced technical issues in conjunction with and on the behalf of internal teams and external providers. Analytical, technical, and problem-solving skills. The ability to prioritize in a constantly evolving environment Ability to travel up to 25%, including internationally