Senior Global IT Security Specialist

Senior Global IT Security Specialist - OT

Position of broad specialization, with main area focusing on Operational Technology (OT) with a strong foundation in IT and Cybersecurity. In this role employee will ensure continuous operating and management on OT and IT Security across GGH global environment. Person will be responsible for creating, implementing and maintaining of best practises for GGH.
This role will closely cooperate with varius internal teams (OT, Infrastructure) and with business stakeholders. Also, role will be responsible for contact with external stakeholders (clients, vendors).
On daily basis will be responsible globally for IT Security related work and support including security incidents response and handling, cooperation with MSSP team, work with Data Loss Prevention, Privilege Access Management, Vulnerability Management,  Security Awareness and other IT Security systems.

Responsibilities:

• Lead and support the secure design, deployment, and lifecycle management of industrial control systems (ICS) and associated infrastructure across our global operations
• Hands-on understanding of SCADA, PLC, DCS, HMI, and other OT technologies, combined with in-depth knowledge of IT network security, asset protection, and compliance frameworks
• Preparation, verification, implementation and maintaining of global procedures regarding information security.
• Preparation and verification of internal procedures regarding IT business continuity.
• Responding to security incidents and analyzing the causes of these incidents.
• Constructive resolution of detected IT security and IT business continuity problems, including proposing and implementing security mechanisms.
• Maintaining, monitoring and improving information security management systems and IT business continuity in accordance with legal provisions, standards and the needs of the company.
• Participation in work related to information security and business continuity globally for GGH companies around the world, including but not limited to proposing improvements and changes to current processes.
• Information security project management. Making decisions related to the project, within the framework of the ordinance on the appointment of the Implementation Team.
• Cooperation with business stakeholders globally. Performing ad-hoc analysis on key security business questions.
• Cooperation with suppliers and vendors in the field of information security and IT business continuity.
• Conducting internal controls of the functioning of systems and processes, IT security risk analysis and IT business continuity.
• Escalation support for any solution issues that may exist.
• Performing other duties entrusted by the supervisor, resulting from the tasks realized by the Company and teams.
• Motivating and influencing people, changing attitudes and behaviours.

Requirements:

• Hands-on experience with one or more OT-related security platforms such as Armis, Claroty, Dragos, Darktrace
• Strong understanding of Endpoint & Infrastructure Security in Operational Technology (OT) environments
• Experience with Cloud Security, particularly within the Microsoft Azure and MS365 stack
• Familiarity with key cybersecurity tools and practices, including:
• Data Loss Prevention (DLP)
• Security Information and Event Management (SIEM)
• Privileged Access Management (PAM)
• Security Awareness Training platforms (e.g., KnowBe4)
• Understanding of concepts of Purdue Model
• Hands-on experience with SCADA, PLC, DCS, HMI
• Analytical and problem-solving skills

• Vulnerability Management (Vm)

• Experience in designing, deploying, and maintaining industrial control system (ICS) components including PLCs, SCADA systems, DCS, HMIs, RTUs, and networked field devices
• Supporting network segmentation between IT and OT zones (e.g., Level 0–5 Purdue Model)
• OT hardware lifecycle management and interfacing with equipment vendors (e.g., Siemens, Rockwell, Schneider Electric)
• Configuring and maintaining redundant, fault-tolerant systems to ensure uptime of critical operations
• Ability to work in cross-functional teams, including remote and external resources
• Effective communication with technical resources
• Works with minimal guidance and recognizes when guidance is needed
• Ability to understand and develop enterprise policy and technical standards, particularly regarding data loss protection and secure configuration
• Willingness and ability to learn about data loss protection management, exploits, hacker techniques, and overall security operations.

• Vulnerability Management (Vm)

• Data Loss Prevention (DLP)
• Security Information and Event Management (SIEM)
• Privileged Access Management (PAM)
• Security Awareness Training platforms (e.g., KnowBe4)
• Understanding of concepts of Purdue Model
• Hands-on experience with SCADA, PLC, DCS, HMI
• Analytical and problem-solving skills
• Data Loss Prevention (DLP)
• Security Information and Event Management (SIEM)
• Privileged Access Management (PAM)
• Security Awareness Training platforms (e.g., KnowBe4)
• Understanding of concepts of Purdue Model
• Hands-on experience with SCADA, PLC, DCS, HMI
• Analytical and problem-solving skills

Additional Requirements:

• Possession of recognized IT Security certifications such as:
• CEH, CISSP, SCCP, CCSP, CompTIA Security+, OSCP, or equivalent
• Solid understanding of industry standards and frameworks, including:
• ISA/IEC 62443, NIST Cybersecurity Framework, and other relevant OT/IT security guidelines.

We Offer:

• Being part of a fast-growing, dynamic company, one of leading global packaging manufacturers 
• Fast-paced, challenging environment with great professional growth opportunities 
• Collaborative culture with strong quality and innovation focus 
• Flexible and hybrid work arrangement - this role can be based out of the Romania (Bucharest)

If you are a current CANPACK employee, please apply through your Workday account.

CANPACK Group is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, age, sex, sexual orientation, gender identity, national origin, disability, or any other characteristic protected by law or not related to job requirements, unless such distinction is required by law.