Cyber Security Specialist

Cyber Security Specialist (OT)

You will be responsible for providing cybersecurity expertise and oversight for Operational Technology (OT) environments, with a strong focus on Industrial Automation and Control Systems (IACS) across TechnipFMC.

This includes defining, managing, and enforcing IACS security controls, processes, and procedures, relying on your experience in both information security and automation technologies focused on industrial control systems. You will work closely with sites, services, technical teams, and product groups to ensure that required security measures and support are delivered. In this role, you will be part of the IACS Cybersecurity team and the Information & Digital Services team, and you will serve as the regional IACS Security representative for Norway and Poland while also supporting global security projects and initiatives within the CISO department.

This role requires working 4 days per week from our office in Kraków.

Job Description

• Provide secure design, development, and architecture requirements for Industrial Control Systems (ICS) environments and information and digital systems as they relate to ICS and automation.

• Provide cybersecurity awareness and training within product development and ICS environments.

• Provide support to write, review, and maintain documents, policies, and standards governing the cybersecurity requirements for the ICS environment.

• Provide secure architecture requirements for lab and development networks.

• Perform security reviews and assessments of systems, networks, and processes/procedures in ICS environments.

• Assist with testing, selection and implementation of security technologies in ICS environments.

• Provide support for projects and initiatives that enables sites to accomplish project goals in a secure manner.

• Provide support for management and remediation of vulnerabilities identified in ICS environments.

• Acts as subject matter expert in Industrial Automation and Control Systems security.

• Support on the development of cybersecurity technology implementation strategies for ICS environments with clear understanding of the differences between IT and OT environments (e.g. Anti-virus on HMIs, application whitelisting, security policies for firewalls in ICS environments, etc.).

• Support the execution of risk based methodologies for cybersecurity assessments of ICS systems, including remote sites, onsite, third party, and on vessels.

• Support on the creation of technical design documentation and to write technical reports for both technical and management consumption and understanding.

• Follows the established metrics and key performance indicators to monitor the overall health and effectiveness of the ISC cybersecurity program.

• Stays informed about the latest cyber threats to the ICS environment including threats towards the organization.

• Supports on the development of strategies and plans to mitigate emerging cyber threats.

  
  

You are meant for this job if:

• Bachelor’s degree or equivalent

• 5+ years of strong technical ICS experience, including configuration review (e.g., HMIs, engineering software, PLCs), backup/recovery best practices, and knowledge of industrial protocols

• Solid general technical knowledge across applications, networks, protocols, databases, and operating systems (Windows/Linux)

• Understanding of industrial network architecture.Experience using ICS software, including:

  • Engineering software

  • Version management software

  • HMI software

  • OPC software

• Working knowledge of networking concepts, with ability to review network designs and assess security of devices such as switches, routers, and firewalls

• Strong writing and presentation skills

• Fluency in English, level B2 is minimum

• Cybersecurity certifications (e.g., CISSP) preferred

• ICS security certifications (e.g., SANS GICSP, ISA/IEC 62443 Risk Assessment Specialist) preferred

• Experience implementing security controls, hardening, and technologies within automation systems and networks

• Experience with vulnerability and patch management in ICS environments

• Working knowledge of IACS security standards

• Willingness to travel to other TechnipFMC sites (approx. 5%)