Plant Operations

Job Title:

Senior Manager- Plant Operations(OT and Security plant governance)

Job Grade

G9B

Function:

IT

Sub-function:

Cyber Security

Location:

Mumbai

Job Summary

At Sun Pharma, we commit to helping you “Create your own sunshine”— by fostering an environment where you grow at every step, take charge of your journey and thrive in a supportive community.

Are You Ready to Create Your Own Sunshine?

As you enter the Sun Pharma world, you’ll find yourself becoming ‘Better every day’ through continuous progress. Exhibit self-drive as you ‘Take charge’ and lead with confidence. Additionally, demonstrate a collaborative spirit, knowing that we ‘Thrive together’ and support each other’s journeys.”

Job Summary:

The Senior Manager OT/ICS Security - Plant Operations, will be responsible for developing, implementing, and managing the comprehensive cybersecurity strategy and operations for the organization's Operational Technology (OT) and Industrial Control Systems (ICS) environments within our plant operations. This role demands a deep technical expert with proven experience in securing critical infrastructure and industrial systems, who can also provide strategic leadership and foster a culture of security awareness in a highly sensitive operational context. The SM will safeguard the availability, integrity, and confidentiality of our plant control systems, ensuring business continuity and compliance with sector-specific regulations.

Key Responsibilities:

•            Strategic Leadership & Program Development:

• Design and implement the OT/ICS cybersecurity strategy and roadmap, ensuring alignment with enterprise-wide security objectives, industry standards (such as ISA/IEC 62443 and NIST CSF for ICS), and broader business goals.
• Build and continuously enhance the OT/ICS security program by developing tailored policies, standards, procedures, and architectural frameworks suited to industrial environments.
• Partner closely with plant operations, engineering, and IT teams to embed security into OT/ICS initiatives and day-to-day operational workflows.
• Monitor the evolving landscape of OT/ICS threats, vulnerabilities, and emerging technologies to proactively strengthen and refine the organization’s cybersecurity posture.

•            OT/ICS Security Operations & Management:

• Direct the daily security operations across all OT/ICS environments at plant sites, including continuous monitoring, threat detection, and incident response.
• Supervise the deployment and ongoing management of OT/ICS-specific security controls, including:

• • Network segmentation aligned with the Purdue Model and Zero Trust principles for OT
  • Vulnerability assessment and patch management for industrial components (PLCs, DCS, SCADA, HMIs)
  • Implementation of industrial firewalls, intrusion detection systems (IDS), and anomaly detection tools
  • Secure remote access solutions for both internal users and third-party vendors
  • Endpoint protection for industrial servers and workstations
  • Deployment of data diodes and enforcement of secure data flows
  • OT/ICS-focused backup strategies and disaster recovery planning.

• Lead and coordinate incident response efforts for OT/ICS systems, ensuring effective containment, remediation, recovery, and post-incident review.
• Enforce secure configuration practices and ensure compliance with baseline standards across all OT/ICS assets.

•            Risk Management & Compliance:

• Perform in-depth risk assessments of OT/ICS environments to identify critical assets, potential threats, and existing vulnerabilities.
• Establish and maintain an OT/ICS risk register, documenting identified risks, mitigation strategies, and tracking residual risk levels over time.
• Ensure adherence to applicable national and international regulations and cybersecurity standards for critical infrastructure, such as NCIIPC guidelines (India) and sector-specific directives from regulatory bodies like CERC and PNGRB, where relevant.
• Lead and support both internal and external audits of OT/ICS cybersecurity, including regulatory inspections, and oversee the timely resolution of any identified issues or compliance gaps.

•            Architecture & Engineering:

• Offer expert advisory on secure architecture for both new and existing OT/ICS deployments, ensuring cybersecurity is embedded from the initial design stage.
• Work closely with engineering teams to design and configure secure systems, including effective network segmentation within plant control networks.
• Assess, recommend, and lead the implementation of advanced OT/ICS security technologies and solutions to strengthen the overall security posture.

•            Team Leadership & Development:

• Build and lead a high-performing team of OT/ICS cybersecurity specialists, providing mentorship and technical guidance.
• Cultivate a team culture focused on deep expertise, continuous learning, and proactive security practices.
• Oversee resource planning, performance management, and professional growth for team members.
• Drive the recruitment and onboarding of talent with specialized skills in OT/ICS security to strengthen team capabilities.

•            Stakeholder Engagement & Awareness:

• Act as a liaison between IT security and plant operations/engineering teams, promoting effective collaboration and mutual understanding.
• Design and deliver targeted OT/ICS cybersecurity awareness and training programs tailored for plant staff, operators, and engineering personnel.
• Clearly articulate complex OT/ICS security risks and concepts to diverse audiences, including both technical teams and senior leadership.
• Oversee and maintain productive relationships with external OT/ICS security vendors and service partners.

Job Requirements

Educational Qualification

Bachelor's degree in Engineering (Electrical, Electronics, Instrumentation, Computer Science), Industrial Control Systems, Cybersecurity, or a related field. Master's degree preferred.

Specific Certification

GICSP (Global Industrial Cyber Security Professional)

ISA/IEC 62443 Certification (e.g., ISA/IEC 62443 Cyber Security Expert)

CISSP (Certified Information Systems Security Professional)

CISM (Certified Information Security Manager)

CRISC (Certified in Risk and Information Systems Control)

Relevant vendor-specific certifications (e.g., related to specific DCS/SCADA vendors like Honeywell, Siemens, Rockwell Automation).

Experience

A minimum of 8+ years of progressive experience in cybersecurity, including at least 5 years dedicated to Operational Technology (OT) and Industrial Control Systems (ICS) security in a senior or leadership capacity.

Proven track record of working within plant operations, manufacturing, oil & gas, power, utilities, or other critical infrastructure sectors.

Extensive hands-on expertise with a range of industrial control systems such as SCADA, DCS, PLC, RTUs, and Historians, along with associated communication protocols including Modbus, Profinet, OPC UA, DNP3, and Ethernet/IP.

Demonstrated ability to implement and manage security technologies specific to OT/ICS environments.

Strong knowledge of the challenges related to IT/OT convergence and established best practices for securing integrated environments.

Skill (Functional & Behavioural):

Technical Expertise:

• In-depth expertise in OT/ICS-specific security frameworks and standards, including ISA/IEC 62443, NIST SP 800-82, and CISA ICS Best Practices.
• Strong knowledge of industrial networking architectures and communication protocols.
• Comprehensive understanding of OT/ICS attack vectors, threat actors, and effective mitigation techniques.
• Hands-on experience with OT/ICS security tools such as passive monitoring, asset discovery, and vulnerability assessment solutions tailored for OT environments.
• Awareness of physical security requirements related to control systems.
• Familiarity with functional safety and process safety principles within industrial settings.

•            Leadership & Management Skills:

• Outstanding leadership, team development, and mentoring skills.
• Strategic mindset with proven capability to develop and implement long-term OT/ICS security strategies.
• Robust project and program management expertise, particularly in operational settings.
• Superior decision-making abilities, especially under pressure during critical security incidents.
• Proven track record of managing complex technical projects within demanding operational environments.

•            Communication & Collaboration:

• • Exceptional written and verbal communication skills, with the ability to clearly convey complex technical and operational security concepts to a wide range of audiences, from plant operators to executive leadership.
  • Excellent interpersonal skills, fostering trust and collaboration across diverse teams including IT, Engineering, and Operations.
  • Skilled in conflict resolution and facilitating productive dialogue between IT and OT stakeholders
    
    

•            Personal Attributes:

• Demonstrates a strong commitment to integrity, ethics, and professionalism, especially when managing sensitive operational data.
• Proactive, resilient, and adaptable to the evolving demands of OT environments.
• Dedicated to ensuring operational safety and maintaining business continuity.
• Willingness and ability to travel to plant sites as needed.

Your Success Matters to Us

At Sun Pharma, your success and well-being are our top priorities! We provide robust benefits and opportunities to foster personal and professional growth. Join us at Sun Pharma, where every day is an opportunity to grow, collaborate, and make a lasting impact. Let’s create a brighter future together!