Who are we?
Equinix is the world’s digital infrastructure company®, operating over 250 data centers across the globe. Digital leaders harness Equinix's trusted platform to bring together and interconnect foundational infrastructure at software speed. Equinix enables organizations to access all the right places, partners and possibilities to scale with agility, speed the launch of digital services, deliver world-class experiences and multiply their value, while supporting their sustainability goals.
Our culture is based on collaboration and the growth and development of our teams. We hire hardworking people who thrive on solving challenging problems and give them opportunities to hone new skills and try new approaches, as we grow our product portfolio with new software and network architecture solutions. We embrace diversity in thought and contribution and are committed to providing an equitable work environment that is foundational to our core values as a company and is vital to our success.
Manager, OT Information Security
Job Summary
The ICS/OT Security Manager will ensure the security of the organization's information assets, designs, configuration baselines, and systems through a structured, proactive approach that balances risk with business requirements. He or she will plan, engineer, configure, implement, and troubleshoot security and Industrial Control Systems ICS/OT infrastructure necessary to maintain, an array of secure global data centers and ICS/OT infrastructure.. Partner with internal and external business partners as necessary to provide security assurance against cyber-attacks, to include inappropriate and/or unauthorized disclosure of Company and/or Customer information; and other cyber activities that could negatively impact Equinix and its customers. Implement new technologies, policies, and procedures for optimal business network operations. Provide operational support for security and OT/IT infrastructure. Proactively identify security vulnerabilities and mitigation opportunities within the security and OT/IT infrastructure. Demonstrate an aptitude for maintaining strong security market awareness as well as to recommend, implement, and manage cutting-edge technologies.
Responsibilities
Review / Approvals / Escalations
- Reviews and approves security best practices for networks, systems, and applications
- Acts as a more senior escalation point for approving or rejecting security architecture requests
- Acts as escalation point for resolving complex customer security inquiries in partnership with Operations teams
- Reviews, analyzes, provides recommendations and may decide on acceptance or rejection of audit controls
Management Reporting
- Collects, analyzes, organizes and presents data on projects and operations to senior management
- Executes against operational KPIs
Process/Policies/Standards
- Creation/refinement of efficient processes, standards, and policies
- Monitors violations, and designs a remediation plan to ensure adherence
Road Map/Planning
- Provides input and makes recommendations for compliance road-map
- Responsible for developing and communicating a roadmap of projects and initiatives to project/functional stakeholders
Project/Program Management
- Responsible for producing and/or validating project plans, provided by project managers & technology professionals
- Responsible for ensuring projects deliver on time and budget by holding contributors accountable for delivering on project milestones and deliverables
- Responsible for identifying project execution risks and project-related issues, suggesting mitigation plans for resolution to management
- Responsible for project resource allocation and management and budget management
Stakeholder Management
- Responsible for providing comprehensive input to stakeholders to support decision making
- Proactively communicates issues and risks and escalate conflicts, proposing options for resolution
- Able to drive effective conflict resolution between stakeholders
- Manages all stakeholder communications with respect to project and operations status
- In addition to building effective working relationships with stakeholders, the manager partners with stakeholders to execute against agreed-upon commitments
- Responsible for managing stakeholder escalations/priority shifts to resolution and/or senior management escalation
Vendor Management
- Assists vendor resources with onboarding activities through all Equinix channels, ensuring vendor resources have appropriate workspace, system access, and tools
- Manages/leads individual consulting resources, as assigned
- Identifies initial commercial implications for vendor selection and performs initial due diligence
- Provides inputs for vendor negotiations
- Manages approved vendor relationships
- Monitors and reports on delivery of vendor deliverables
Domain Experience
- Identify changes needed in data center infrastructure design and configurations vital to achieving the technology organization goals
- Analyzes network & IT/OT system response and determines tuning recommendations to improve performance, adhere to capacity management expectations, and provide performance management reporting
- Lead effective issue identification and resolution processes; Serve as a senior escalation point for all data center network and IT/OT security operations issues with a degree of quality that results in absolute root-cause determination and drive vendor partners to provide quality assurances by requiring immediate bug fixes, software updates, etc.
- Perform advanced tier 3 support, to include but not limited to: troubleshooting, off-hour maintenance activities, problem resolution, and on-call rotation while ensuring all activities will adhere to the services change management policy
- Perform capacity planning of all systems and environments; ensure that upgrades are completed on a standardized basis
- Build and maintain documentation as it relates to IT/OT systems, design, configuration, support and processes
- Create and maintain playbooks and remediation plans ensuring that these are tested and updated regularly
- Design and develop solutions and OT requirements based on business unit needs; make recommendations on investments in network hardware and services
- Evaluate new technologies and recommend future strategies to Management
Qualifications
- 7+ years experience
- SANS security certification is a Plus (GICSP…etc.)
- A recognized university degree in Computer Science, Computer/Electrical Engineering, Information ·Technology or equivalent.
- Have at least 5 complete years of relevant working experience with implementation / deployment / securing ·ICS/OT/IT systems.
- Multiple year experience of Operational Technology systems both Physical Security and HVAC/BMS systems and their architecture, vulnerabilities and remediation
- Experience and knowledge of traditional security controls and technologies, such as: Security Information and Event Management (SIEM) systems; Intrusion Detection/Prevention systems (IDS/IPS); Public Key Infrastructure (PKI), Identity and Access Management (IDAM) systems; Antivirus software and Firewall; Privilege/vulnerability and threat management; Operational Support Systems
- In addition to newer offerings such as: Endpoint Detection and Response (EDR); Information Protection; Security Automation and Orchestration
- Well-rounded knowledge of system and network security techniques and standards, NIST CSF, 800-53, 800-82
- Experience with ICS/OT system communications protocols (TCP/IP, UDP IP, HTTP, FTP, SFTP, USB, MODBUS TCP, PROFIBUS, BACNET, RS 232/485, XMPP)
- Experience in Python, PowerShell, Ansible is preferred Java, Java Script, SQL a nice to have
- Experience in data visualization using Power PI or Tableau is a nice to have.
- Travel on overseas assignment as the need arises
Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.
Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.
Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.
Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.