Senior Analyst, Security OT Architect - Long Island City, United States - The Estee Lauder Companies

Description

Senior Analyst, Security OT Architect

Brand: Estée Lauder Companies

Description

About Estée Lauder Companies

The Estée Lauder Companies is the global leader in prestige beauty — delighting consumers with transformative products and experiences, inspiring them to express their individual beauty. We are the only company focused solely on prestige makeup, skin care, fragrance, and hair care with a diverse portfolio of 25 brands sold in approximately 150 countries and territories. Infused throughout our organization is a passion for creativity and imagination — a desire to push the boundaries and invent the unexpected — as we continue the bold work of our founder Estée Lauder.

Who We Are

Do you want to be part of the team catalyzing digital innovation, harnessing the power of data, and transforming the fabric of security across the world's most prestigious beauty, skin-care, and luxury fragrance brands? Then join the information security and technology team, Enterprise Cybersecurity & Risk (ECR) at Estée Lauder Companies (ELC). ECR's security team fuels cyber defense, technology excellence, risk and compliance, and global resilience. We stay on the forefront of cyber threats to deliver fit-for-purpose tools, technologies, and processes that protect ELC's business operations and empower secure strategic growth. We shape and maintain a secure and scalable cybersecurity infrastructure. Effective collaboration with stakeholders to design architectural solutions, assess emerging technologies, and align security architecture with organizational goals is our core responsibility. If you thrive in change-rich entrepreneurial environments, then this is the team for you. From our fast-paced delivery plans to our global team expansion, this is an exciting time to join us

What You'll Do

As a Senior Analyst, Security OT Architect, you will be responsible for designing, implementing, and maintaining security measures for our industrial control systems (ICS) and other operational technology components. The successful candidate will work collaboratively with cross-functional teams to ensure the reliability, efficiency, and security of our critical assets to maintain the continuous integrity, availability, and confidentiality of our OT systems.

You will be responsible for:

• Conduct risk assessments to identify vulnerabilities and threats to OT systems.
  
  
• Design and implement security architectures for OT environments, specifying controls, encryption methods, and access policies.
  
  
• Develop ICS Control Frameworks, based on industry-standard processes as well as international and applicable national standards.
  
  
• Perform analysis of the architecture and infrastructure of Industrial Control Systems (OT/ IIoT) in the context of cybersecurity
  
  
• Develop and implement incident response plans specific to OT systems, ensuring a rapid and effective response to security incidents.
  
  
• Implement and manage security measures for OT networks, including firewalls, intrusion detection/prevention systems, and network segmentation.
  
  
• Enforce security policies and procedures for OT systems, ensuring compliance with relevant standards and regulations.
  
  
• Provide training and awareness programs for OT staff to promote a security-conscious culture.
  
  
• Collaborate with IT security teams to align security measures across IT and OT environments.
  
  
• Implement continuous monitoring solutions for real-time detection and response to security incidents.
  
  
• Stay updated on emerging technologies and trends in OT security, evaluating their impact on our security posture.
  
  
• Maintain accurate documentation related to OT security measures, configurations, and incident response procedures.
  
  
• Act as a resource for the team at large about security best practices, techniques, and lessons learned.
  
  
• Provide insights and advice into the maintenance of security policies and standards for all deployment environments.
  
  
• Support the Security Operations Center for any relevant incidents.
  
  

Qualifications

Who You Are

The Senior Analyst, Security OT Architect will partner with the entire organization and work collaboratively as part of the Global Security Architecture, Technology, and Solutions Team to support a variety of activities to protect the confidentiality, integrity, and availability of Estee Lauder's Global Business and IT/Supply Chain functions.

Must have excellent track record and proven ability to produce effective, innovative solutions on an enterprise scale. Constantly working to mature/improve the team's overall processes and protection/detection/response capabilities related to Industrial environments. Provide mentorship to the junior members, bringing them up to speed swiftly. Overhaul our documentation repositories, as well as guide improvements.

· Minimum of 3 years of relevant OT cybersecurity (ICS/SCADA) expertise and 2 years of relevant cybersecurity/network/systems expertise

· Bachelor's degree in computer science, Information Security, or Industrial Automation.

• Extensive technical knowledge of the following Industrial control areas: ICS/SCADA, Purdue Framework, NIST Framework, Segmentation Techniques, Next-Generation Firewalls, Industrial threat monitoring controls, PLC/HMI/DCS/EMS security, Wireless/RF Security, and Basic networking DHCP, DNS and IPAM (DDI), Virtual Private Network (VPN)
• Understanding of Internationally recognized cyber security standards and OT Regulations (NIST-CSF, ISO27k series, NIST, NIS2, etc.).

· Understanding of programming languages commonly used in OT environments (e.g., ladder logic, Structured Text).

· In-depth knowledge of relevant security standards and regulations (e.g., IEC ISA 99/62443, NIST SP 800-82, etc.)

· Understanding of Industrial communication protocols and technologies from main vendors (Rockwell, Siemens, ABB, Schneider Electric etc.)

· Certifications such as GICSP, GRID, or CISSP are a plus.

• Excellent communication and collaboration skills.
• Excellent experience and knowledge of multi-tiered network applications, common ports, and protocols used in those communications.
• Excellent verbal and written communication skills Ability to prioritize multiple simultaneous projects
• Strong analytical and organizational skills

The anticipated base salary range for this position is $83,500 to $125,500. Exact salary depends on several factors such as experience, skills, education, and budget. Salary range may vary based on geographic location. In addition to base salary, this position is eligible for participation in a highly competitive bonus program with possibility for overachievement based on performance and company results as well as participation in the share incentive plan.

In addition, The Estée Lauder Companies offers a variety of benefits to eligible employees, including health insurance coverage, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education-related programs, paid holidays and vacation time, and many others. Many of these benefits are subsidized or fully paid for by the company.

Job: Information Technology

Primary Location: Americas-US-NY-Long Island City

Job Type: Standard

Schedule: Full-time

Shift: 1st (Day) Shift

Job Number: 243561

We are an equal opportunity employer. Minorities, women, veterans, and individuals with disabilities are encouraged to apply. It is Company's policy not to discriminate against any employee or applicant for employment on the basis of race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. The Company will endeavor to provide a reasonable accommodation consistent with the law to otherwise qualified employees and prospective employees with a disability and to employees and prospective employees with needs related to their religious observance or practices. Should you wish to apply for this position or any other position with the Company and you believe you require assistance to complete an application or participate in an interview, please contact