Principal Engineer - Operational Technology Network Security

• Provides technical leadership for OT network security strategy architecture standards and roadmap development across operational environments including distribution centers automation platforms industrial control systems IoT/IoT devices facilities systems and supporting network infrastructure.
• Designs and leads implementation of secure OT network architectures using principles such as Purdue Model segmentation zero trust defense-in-depth secure zones and conduits least privilege and controlled connectivity between IT OT cloud and vendor-managed environments.
• Plans and leads upgrades to OT network security measures and tools to protect operational systems networks and connected assets while minimizing disruption to safety quality availability and business operations.
• Analyzes trends threat intelligence vulnerabilities regulatory expectations and changes in the OT and industrial cybersecurity landscape; advises leadership on organizational risk and recommends mitigation strategies.
• Develops refines and implements OT security policies standards procedures reference architectures and technical patterns aligned to frameworks such as ISA/IEC 62443 NIST SP 800-82 NIST Cybersecurity Framework ISO 27001 and applicable compliance requirements.
• Leads OT network segmentation initiatives including firewall rule governance access control network access control secure routing remote access hardening jump host architecture micro-segmentation and monitoring of traffic between IT and OT environments.
• Partners with network administrators system administrators facilities teams automation engineers and third-party vendors to ensure OT networks servers endpoints controllers network devices and security technologies conform to approved security standards.
• Provides technical guidance for OT asset discovery inventory management vulnerability management configuration baselines patch risk assessment compensating controls and lifecycle planning for systems with operational or vendor constraints.
• Contributes to response activities for OT security incidents including triage investigation containment eradication recovery root cause analysis lessons learned and coordination with enterprise incident response teams and third-party responders.
• Formulates methodologies to monitor detect analyze and respond to OT network security events; supports the integration of OT telemetry into SIEM SOAR network detection and response vulnerability management and enterprise cyber operations processes.
• Provides technical oversight for security controls in the acquisition design development change management and deployment lifecycle for OT systems warehouse automation technologies network-connected equipment and third-party-managed platforms.
• Reviews technical and functional design documents network diagrams firewall requests connectivity patterns vendor proposals and implementation plans to identify security risks and recommend practical remediation actions.
• Coordinates with senior technical leaders across Information Security Infrastructure Network Engineering Cloud Facilities Distribution Operations and Enterprise Architecture to design and implement resilient security solutions that protect physical and intangible assets.
• Provides technical guidance coaching and mentorship to engineers and analysts supporting OT security network security cyber operations vulnerability management and incident response activities.
• Maintains and contributes to service-level expectations operational procedures and governance processes to ensure OT security controls remain effective measurable and supportable.
• Communicates advanced OT and information security concepts clearly to technical teams business leaders vendors auditors and executive stakeholders.
• Develops metrics KPIs risk insights remediation progress and executive-level summaries related to OT network security posture.
• Researches evaluates and supports deployment of security technologies for OT and industrial environments including industrial network monitoring firewalls secure remote access network detection and response asset discovery vulnerability management identity and access management email security endpoint controls SIEM SOAR and cloud-connected OT security use cases.
• Serves as a subject matter expert for OT network security in support of product engineering facilities distribution enterprise infrastructure and corporate information security initiatives.

• Bachelor's Degree in Computer Science Information Technology or any other related discipline or equivalent related experience.

• Global Industrial Cyber Security Professional (GICSP)
• GIAC Response & Industrial Defense (GRID)
• ISA/IEC 62443 Cybersecurity Certificate or related ISA/IEC 62443 certifications
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security + Certification
• Cisco Certified Network Designations (CCNA CCNP CCIE)

• 8+ years of directly-related or relevant experience preferably in OT security.

• Conflict Resolution
• Creativity & Innovation
• Decision Making
• Assertiveness
• Influencing Skills
• Planning
• Presentation Skills

• Operational technology and industrial network security
• Network architecture routing switching firewalling VPN IDS/IPS proxies and secure remote access
• OT network segmentation Purdue Model architecture zones and conduits zero trust and defense-in-depth
• Industrial cybersecurity frameworks and standards including ISA/IEC 62443 NIST SP 800-82 NIST CSF ISO 27001 PCI and SOX where applicable
• Industrial protocols and environments such as Modbus BACnet OPC Ethernet/IP PROFINET SCADA PLCs HMIs and building automation systems
• Threat modeling root cause analysis vulnerability management patch risk assessment compensating controls and exception management
• Identity and access management for privileged and remote access in OT environments
• Incident response cyber operations threat hunting monitoring and logging for hybrid IT/OT environments
• Cloud-connected OT and IoT/IIoT security considerations
• Security governance compliance assessments risk acceptance processes and third-party risk reviews
• Business continuity disaster recovery and resilience considerations for operational environments

• Microsoft Office Suite
• Security Tools - SIEM EDR Email Security Gateway SOAR Firewall Anti-virus Firewalls VPN IDS/IPS AV proxies etc.
• OT and industrial security monitoring platforms such as Armis Nozomi Networks Claroty Dragos Microsoft Defender for IoT or equivalent technologies
• Firewall and network platforms such as Palo Alto Networks Fortinet Cisco Check Point or equivalent technologies
• Ticketing workflow documentation and collaboration tools
• Scripting or query languages such as Python PowerShell SQL KQL JavaScript HTML/CSS or equivalent tools used for automation reporting and analysis

What We Do

Cencora is a leading pharmaceutical solutions organization centered on improving the lives of people and animals everywhere. With 46000+ global team members we have the opportunity to make a positive impact on healthcare in communities everywhere. Our team members are empowered to activate their careers through a collective of tools and resources designed to support individual career interests and aspirations. We value our listening culture that actions real outcomes and our team members appreciate and recognize one another for contributions that are making a meaningful global impact. No matter what your role is here the work we do together has meaning. When you join our team you become a crucial part of a greater purpose. We’re committed to supporting you personally and professionally so we can achieve more together at the center of health.Protect yourself from job scams: Recruitment scams are on the rise. To protect yourself we urge you to be vigilant and follow these guidelines > https://careers.cencora.com/us/en/job-scams

Gallery