DirecciónBusiness Context and Main Purpose of the Role
Unilever is one of the world’s leading suppliers of Food, Home, and Personal Care products with sales in over 190 countries and reaching 3.4 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Persil, Dove, Knorr, Domestos, Hellmann’s, Wall’s, Ben & Jerry’s, Marmite, Magnum, and Lynx. Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That’s why our purpose as Unilever is ‘to make sustainable living commonplace’.
At Unilever, we’re determined to achieve a culture where everyone can thrive, a culture where all individuals are treated fairly and respectfully, and where their uniqueness is celebrated. We’re taking a holistic approach that focuses on how we can use the scale and reach of our business to have the greatest impact in our own workplace and beyond. We’ve set clear goals to eliminate any bias and discrimination in our policies and practices, accelerate diverse representation in our leadership, and remove barriers for people with disabilities. At the same time, we’re setting out to spend more with diverse businesses and increasing representation of diverse groups in our advertising. Find out more about our commitment to equity, diversity, and inclusion on our website.
Unilever’s Cyber Security organization is a multi-disciplinary team responsible for protecting the Confidentiality, Integrity and Availability of our Information and Operations. Our Cyber Security organization runs a 24x7 Security Operations Centre (SOC), oversees a robust Security Architecture and associated technology landscape, provides Cyber Security Solution Engineering and Risk Advisory to our business, and assesses the security of our vast technology estate, including factories, to name but a few areas. Cyber Security sits as part of the Business Operations organisations, as a peer to Unilever’s Technology and Data functions and the broad Supply Chain agenda. Cyber Security is tasked with elevating, reporting on and influencing enterprise cyber security risk mitigation across Unilever. The Cyber Security function is made up of the Governance, Risk, Assurance, and Compliance (GRAC) team, the Tech & Ops team, the BISO teams, and the Office of the CISO.
ROLE PURPOSE:
To support the organization's Operational Technology (OT) estate by providing real time analysis of security alerts / incidents from our EDR, SIEM and bespoke OT security tools. OT Security analysts play a crucial role in detecting and responding to OT based cyber threats to protect Unilever's digital assets and data. Their responsibilities include analysis of security incidents, initial investigation and response of incidents, and collaborating with the ISL, Factory, and other OT teams to ensure a resilient and secure digital environment for the organization.
ROLE SUMMARY:
Unilever is seeking an extremely motivated security professional to work in the area of OT Security. Focusing on industrial and operational technologies, the OT Security Analyst will perform detection and initial response duties, ensuring alerts are managed promptly, understood and actioned upon within defined SLAs and provide low level analysis of incidents to support CERT and Intelligence functions.
Key deliverables include:
- Effective monitoring and triage of OT related security alerts / incidents.
- Support IT related security alerts / incidents when capacity permits.
- Effective response to security alerts / incidents.
- Support the delivery of OT security workstreams and projects.
- Continuously improve OT based security tools, including rule set and use case building.
- Security Standards are complied with.
- Production of security reports and periodicals to support business needs.
- Identify improvements to security controls and technologies.
- Champion security compliance and good security behaviors.
- Monitor and uphold high quality of service.
- Communicates with impact, in a way that is open, honest, consistent and clear.
- Work to deliver an agreed portfolio of OT security projects and improvements under the leadership Cyber fusion and Ops lead.
- Assist with the complex control related cyber troubleshooting.
- Working with multiple stakeholders to improve OT security skill sets within the workforce.
- Supporet the deployment of OT security solutions and improvements, ensuring Security and Safety Standards are applied.
- Apply and monitor compliance with company Security Standards.
- Engage effectively with factory, ISL and other OT related teams, advocating cyber security and identifying problem areas to support a continuous improvement approach.
Main Accountabilities
- Ability or capability to produce data network diagrams and documentation.
- Ability to identify information needs and a willingness to proactively acquire and learn the necessary knowledge and skills.
- To provide technical support and troubleshooting for IT systems, data networks and cyber security solutions.
- To assist with the design and installation of OT security solutions.
- To install, configure and administer OT security solutions.
- Able to work with and understand EDR, AV, Network, Firewall, Switch, SIEM and other security related data sets / logs for the purpose of analysis and investigations.
- Ability to support the patch management process in an OT environment.
- Log monitoring and threat detection.
- Assist with cyber incident response.
- To be aware of the cyber threats and vulnerabilities within cyber security and specifically those within a manufacturing environment.
Key Skills and Relevant Experience
- Experience in an Access & Control environment within a global manufacturing organisation.
- Experience or knowledge of cyber security concepts.
- Experience or capability to install, configure, and operate common security controls.
- Proven ability to analyse problems, identify core issues and recommend appropriate solutions.
- A keen interest in cyber security and its application in an industrial environment.
- Willingness to proactively acquire and learn the necessary knowledge and skills.
- Good communication skills (both written and verbal).
- Experience of A&C systems or components including.
- Process control.
- Scada.
- Distributed control.
- PLCs and RTUs.
- Industrial data communications (e.g. Profinet, EtherNet/IP, Switches and Routers etc)
- IoT and Industrial IoT.
- Experience of or demonstrable capability to install, configure and manage security controls (preferably in an industrial environment) including.
- Firewalls.
- Anti-Virus / Anti-Malware (AV/AM).
- Ips/ids.
- Logging and Monitoring.
- Access Control.
- Asset Management.
A Unilever é uma organização comprometida com equidade, inclusão e diversidade para impulsionar nossos resultados de negócios e criar um futuro melhor, a cada dia, para nossos diversos funcionários, consumidores globais, parceiros e comunidades. Acreditamos que uma força de trabalho diversificada nos permite igualar nossas ambições de crescimento e impulsionar a inclusão em todo o negócio. Na Unilever estamos interessados em cada indivíduo trazendo seu "Eu como um todo" para o trabalho e isso inclui você! Assim, se você precisar de algum suporte ou requisitos de acesso, nós o encorajamos a nos aconselhar no momento de sua inscrição para que possamos apoiá-lo através de sua jornada de recrutamento.
