OT Vulnerability Management Lead UK

Job Description

Hello. We’re Haleon. A new world-leading consumer health company. Shaped by all who join us. Together, we’re improving everyday health for billions of people. By growing and innovating our global portfolio of category-leading brands – including Sensodyne,Panadol, Advil, Voltaren, Theraflu, Otrivin, and Centrum – through a unique combination of deep human understanding and trusted science. What’s more, we’re achieving it in a company that we’re in control of. In an environment that we’re co-creating. And aculture that’s uniquely ours. Care to join us. It isn’t a question.With category leading brands such as Sensodyne, Voltaren and Centrum, built on trusted science and human understanding, and combined with our passion, knowledge and expertise, we’re uniquely placed to do this and to grow a strong, successful business.This is an exciting time to join us and help shape the future. It’s an opportunity to be part of something special.About the roleThe OT Vulnerability Management Lead will provide technical leadership to setup OT Vulnerability Management Program by architecting, implementing, and governing Vulnerability Management technologies, tools, and processes. The candidate should be capableof managing OT vulnerability lifecycle (from detection to closure), keeping a risk-based approach throughout the lifecycle.The best candidate will have the security-by-design mindset and yet understand the importance of building relationships with the other IT teams to convince them to patch the vulnerabilities for reducing cyber risk to the Company. The chosen candidate willwork with the OT Program Manager, OT Team, and Business Stakeholders to design and implement vulnerability management for managing vulnerabilities that are associated with the technology assets in our manufacturing sites.Role Responsibilities

• Develop and implement OT Vulnerability Management Strategic Roadmap and Plan
• Develop and implement OT VM Processes Develop OT VM processes, guidelines, standards, and metrics
• Develop and implement OT vulnerability prioritization frameworks, remediation prioritization frameworks
• Lead remediation tracking meetings to explain vulnerabilities and possible remediation/mitigation solution. Also motivate remediators to commit a remediation plans at the same time ensure their remediation is not impacting the business negatively.
• Lead zero-day/emergency-vulnerability evaluation and resolution to ensure if a particular zero-day or emergency vulnerability is impacting Haleon OT devices, is there a remediation or mitigation possible etc. Also support incident response team (as needed).
• Ensure OT-VM vendor is providing day-to-day support to the customer, following defined processes and procedures to detect, triage, prioritize, report the vulnerabilities to the customer and providing accurate remediation/mitigation advice.

Why youBasic Qualifications:

• Bachelor’s degree in Information Technology / Information Security or equivalent experience in technology
• Minimum of 8 years of experience in a technology related field or 4 years in OT security
• Strong technical knowledge regarding OT technologies, to evaluate and prioritize security vulnerabilities that can impact the OT technologies and to provide appropriate remediation/mitigation recommendations.
• Experience in designing OT VM program, processes, procedures, standards, metrics.
• Analyzing security vulnerabilities and deciding if this impacts Haleon and what should be done to remediate or mitigate it.
• Finding a balance between Security and Business objectives, by creating a culture where security is major consideration

Preferred Qualifications:

• ISC2: CISSP
• ISACA: CISM

Embrace Flexibility with HaleonLocation: This exciting opportunity offers a flexible hybrid work arrangement, allowing you to contribute from our Weybridge and London offices as needed.We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.Please save a copy of the job description, as this may be helpful to refer to once the advert closes.#Li-Hybrid Care to join us. Find out what life at Haleon is really like careers/At Haleon we embrace our diverse workforce by creating an inclusive environment that celebrates our unique perspectives, generates curiosity to create unmatched understanding of each other, and promotes fair and equitable outcomes for everyone. Were strivingto create a climate where we celebrate our diversity in all forms by treating each other with respect, listening to different viewpoints, supporting our communities, and creating a workplace where your authentic self belongs and thrives. We believe in an agileworking culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.As you apply, we will ask you to share some personal information, which is entirely voluntary. We want to have an opportunity to consider a diverse pool of qualified candidates and this information will assist us in meeting that objective and in understandinghow well we are doing against our inclusion and diversity ambitions. We would really appreciate it if you could take a few moments to complete it. Rest assured, Hiring Managers do not have access to this information and we will treat your information confidentially.Haleon is an Equal Opportunity Employer. All qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age,disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, Haleon may be required to capture and report expenses Haleon incurs, on your behalf, in the event you areafforded an interview for employment. This capture of applicable transfers of value is necessary to ensure Haleon’s compliance to all federal and state US Transparency requi