Security Specialist - Operational Technology

Job Location: Laval, Quebec, CAN

Job Requisition ID: 14733

POSITION BASED AT THE LAVAL OFFICE - HYBRID SCHEDULE - 3 DAYS IN OFFICE

We are looking for an OT Security Specialist to join our Global Cybersecurity team within a leading pharmaceutical manufacturing company. In this role, you will help implement and support OT cybersecurity measures across our global manufacturing sites. You will work closely with local site teams, engineering, IT infrastructure, and central cybersecurity functions to strengthen the security of OT systems. This position is ideal for someone with foundational knowledge of OT/ICS environments and a strong interest in cybersecurity fundamentals, including identity and access management, network segmentation, and security monitoring. You will gain hands-on experience with OT security tools, participate in architecture reviews, and contribute to global initiatives that protect critical manufacturing operations.

Key Responsibilities

• Implement and operate OT cybersecurity controls across manufacturing environments, securing systems such as PLCs, SCADA, DCS, and MES.
• Participate in OT/ICS architecture reviews and maintain security standards aligned with ISA/IEC 62443 and NIST SP 800-82.
• Manage identity and access for OT and production systems, including system-to-system access, IT-OT integrations, segregation of duties, and least-privilege enforcement.
• Support OT security monitoring using cybersecurity and OT-specific tools; collaborate with SOC to triage alerts, investigate incidents, and identify risks, vulnerabilities, and malicious activity.
• Plan and execute patching strategies for OT assets to minimize operational impact and maintain validation status.
• Operate and maintain OT security tooling such as EDR, asset discovery/monitoring, and vulnerability detection; assist with configuration, testing, documentation, and controlled deployments.
• Contribute to OT security policies, standards, and SOPs; support audit readiness and regulatory compliance, apply and improve change management processes for OT, ensuring traceability, validation alignment, and production safety.
• Provide targeted OT security awareness and hands-on support to site teams; perform site assessments, walkthroughs, and remediation planning with engineering and operations.

Required Qualifications

Education

Bachelor's degree in Cybersecurity, Information Technology, Engineering, Computer Science, or a related field. Equivalent professional experience may be considered

Experience & Skills

• 4 to 7 years of overall IT or technical experience, with 3 to 5 years in cybersecurity, OT security, industrial systems, or related domains.
• Foundational understanding of OT/ICS environments and how they differ from traditional IT systems.
• Solid knowledge of identity and access management principles, including system accounts, authentication, authorization, and least-privilege practices.
• Strong grasp of network security concepts such as firewalls, ports, protocols, and segmentation.
• Familiarity with security monitoring and SIEM tools, and ability to assist in troubleshooting, incident investigation, and understanding attack techniques and threat actor behaviors.
• Experience collaborating with cross-functional teams (engineering, operations, IT, and integrators).
• Excellent communication skills and ability to work effectively in a global, multi-region environment.

Preferred Qualifications

• Experience in pharmaceutical, manufacturing, or other regulated industrial environments
• Exposure to OT security frameworks such as ISA/IEC 62443, NIST, or Purdue Model
• Relevant certifications are a plus, including GICSP, ISA/IEC 62443 (CFS or related), Security+, CISSP or CISM (or associate-level equivalents)
• Experience supporting or collaborating with a 24x7 Security Operations Center (SOC)

Personal Attributes

The ideal candidate brings a practical, risk-based approach to OT security, with a clear understanding of how to balance cybersecurity controls with manufacturing reliability and safety. They collaborate effectively across regions, communicate clearly with both technical and non-technical stakeholders, and are motivated to help strengthen the organization's global OT security posture.