**Work mode**:Hybrid**Onsite Location(s)**:Heredia, H, CR**Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance**
- At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. Boston Scientific is proud to be an equal opportunity and affirmative action employer and has been recognized with the Catalyst Award in 2022, a prestigious recognition of diversity, equity, and inclusion excellence. Also, we have a Gender Equality Policy to support our commitment.- Hybrid Roles:
- Boston Scientific's hybrid workplace includes WFH and onsite. You will have the opportunity to discuss details in the interview.**About the role**:**Your responsibilities include**:
- Establish governance frameworks and policies to enforce cybersecurity standards and practices specifically tailored for operational technology (OT) environments.
- Ensure alignment with industry standards, regulatory requirements, and best practices, such as NIST Cybersecurity Framework, ISA/IEC 62443, and sector-specific regulations.
- Perform regular risk assessments and vulnerability assessments of OT systems, including industrial control systems (ICS), SCADA systems, and embedded devices.
- Identify and prioritize cybersecurity risks and vulnerabilities based on potential impact on critical operations and assets.
- Design, deploy, and maintain technical security controls and countermeasures to protect OT environments from cyber threats.
- Support internal and external audits, assessments, and compliance reviews related to OT cybersecurity controls and practices.
- Develop and deliver cybersecurity training and awareness programs tailored for OT personnel, including operators, engineers, and maintenance staff.
- Provide technical expertise and guidance to OT teams on cybersecurity-related matters, including secure architecture design, secure configuration management, and secure coding practices.
- Collaborate with cross-functional teams, including IT security, engineering, and operations, to integrate cybersecurity requirements into OT projects and initiatives.
- Evaluate and recommend new cybersecurity tools, techniques, and methodologies to enhance the security posture of OT systems and infrastructure.
- Maintain accurate documentation of cybersecurity policies, procedures, incidents, and remediation activities related to OT cybersecurity.
- Prepare regular reports and metrics to communicate the effectiveness of OT cybersecurity controls and initiatives to senior management and stakeholders.
- Communicate complex technical concepts and cybersecurity risks to non-technical stakeholders in a clear and understandable manner.
**What we are looking for**:
- Bachelor's degree in computer science, Information Security, or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, GICSP) preferred.
- Minimum of 8 years of experience in cybersecurity, with a focus on operational technology environments.
- Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing the area of expertise from qualified and reputable vendors and certification agencies.
- Experience with interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82, CIS Critical Security Controls, and IEC62443, into Cybersecurity Program, Policies & Procedures
- In-depth knowledge of industrial control systems (ICS), SCADA systems such as PCS, SCADA, PLCs, RTUs, HMIs, and other OT technologies.
- Hands-on experience with 1 or more security tools Dragos, ORDR, Armis, and Claroty.
- Experience developing and implementing cybersecurity policies and procedures.
- Proficiency in conducting risk assessments and vulnerability assessments of OT systems.
- Knowledge of the Purdue Model for OT/ ICS cybersecurity
- Excellent communication skills, with the ability to effectively collaborate with cross-functional teams and communicate complex technical concepts to non-technical stakeholders.
**Requisition ID**:579942- **Benefits - Life-Work Integration - Community - Career Growth**
- At Boston Scientific, you will find a collaborative culture driven by a passion for innovation that keeps us connected on the most essential level. With determination, imagination, and a deep caring for human life, we're solving some of the most important healthcare industry challenges. Together, we're one global team committed to making a difference in people's lives around the world. This is a place where you can find a career with meaningful purpose—impr