• OT Security Analyst (Vulnerability & Analytics)

Work Schedule

Standard (Mon-Fri)

Environmental Conditions

Adherence to all Good Manufacturing Practices (GMP) Safety Standards, Cleanroom: no hair products, jewelry, makeup, nail polish, perfume, exposed piercings, facial hair etc... allowed, Laboratory Setting, Office, Some degree of PPE (Personal Protective Equipment) required (safety glasses, gowning, gloves, lab coat, ear plugs etc.), Warehouse

Job Description

Position Summary

The OT Security Analyst will play a key role in strengthening Thermo Fisher Scientific’s manufacturing, laboratory, and R&D environments by supporting vulnerability management, data analytics, and reporting capabilities within OT security operations. This role focuses on execution — ensuring that vulnerabilities are identified, prioritized, tracked, and remediated effectively while providing actionable insights that improve the overall security posture.

Working closely with OT Security Operations, engineering teams, and the enterprise SOC, the Analyst will analyze data, develop reporting, and support operational workflows to ensure visibility, accountability, and continuous improvement across a global environment.

Key Responsibilities

• Analyze OT vulnerabilities, advisories, and threat intelligence relevant to manufacturing, lab, and R&D systems.
• Assess risk and prioritize remediation activities based on business impact, exploitability, and operational constraints.
• Develop and track remediation plans in collaboration with site teams, engineering, and security stakeholders.
• Operate and maintain vulnerability management workflows, ensuring accurate tracking and reporting of findings.
• Develop dashboards, metrics, and reports to provide visibility into OT security posture, vulnerabilities, and remediation progress.
• Analyze large datasets to identify trends, systemic risks, and opportunities for improvement.
• Support KPI definition and tracking aligned to OT security program objectives.
• Leverage data visualization tools to communicate insights effectively to technical and non-technical stakeholders.
• Collaborate with SOC and OT security operations teams to support monitoring, detection, and response activities.
• Assist in correlating vulnerability data with security events to improve risk-based decision making.
• Support incident response efforts by providing vulnerability and asset context.
• Contribute to continuous improvement of detection and response capabilities in OT environments.
• Partner with OT engineering, site operations, IT, and cyber security teams to ensure effective vulnerability remediation.
• Build strong working relationships across manufacturing, lab, and R&D organizations.
• Communicate findings, risks, and remediation status clearly to stakeholders.
• Management and coordination of activities across multiple sites and teams to drive consistent outcomes.
• Identify opportunities to improve vulnerability management processes, tooling, and reporting.
• Contribute to standardization of practices across sites and environments.
• Development of playbooks, documentation, and best practices.
• Stay current with emerging threats, vulnerabilities, and industry trends relevant to OT environments.

Travel

Up to 20% travel to manufacturing, lab, and R&D sites as needed to support assessments and remediation efforts.

Qualifications

Experience & Skills

• Experience in vulnerability management, cyber security analytics, or security operations.
• Strong analytical and problem-solving skills, with the ability to interpret complex data sets.
• Familiarity with OT/ICS environments, industrial systems, and manufacturing or lab operations preferred.
• Experience with vulnerability management tools, reporting platforms, and data visualization tools (e.g., Power BI, Tableau, Excel).
• Understanding of cyber security concepts such as risk scoring, CVSS, patching, and system hardening.
• Ability to manage multiple priorities and work independently with limited supervision.
• Effective communication and collaboration skills in global, matrixed organizations.

Education & Certifications

• Bachelor’s degree in Cyber Security, Information Systems, Engineering, or related field preferred.
• Relevant certifications (e.g., Security+, GICSP, CySA+, or equivalent) desirable.
• Equivalent work experience may substitute for formal education.

Enhanced Technical Requirements

• Familiarity with OT vulnerability management platforms and asset inventory tools.
• Understanding of industrial protocols and their security implications (e.g., Modbus, OPC, Ethernet/IP).
• Experience integrating vulnerability data with SIEM or other monitoring platforms.
• Strong Excel skills (data analysis, pivot tables) and experience with dashboarding tools.
• Knowledge of security frameworks such as ISA/IEC 62443 or NIST CSF is a plus.
• Experience leveraging data analytics or AI-driven insights to enhance vulnerability management is desirable.

Soft Skill Expectations

• Ownership: Take responsibility for assigned analysis, reporting, and tracking activities.
• Execution: Deliver accurate, timely outputs across vulnerability management workflows.
• Collaboration: Work effectively across OT, IT, cyber security and business teams.
• Communication: Present data and insights clearly to technical and non-technical audiences.
• Attention to Detail: Ensure accuracy and completeness in analysis and reporting.
• Improvement Mindset: Identify opportunities to enhance processes, tools, and data quality.

Benefits & Rewards

Thermo Fisher Scientific offers a comprehensive Total Rewards package, including competitive compensation, annual incentive opportunities, healthcare and retirement benefits, paid time off, employee stock purchase plan, and career development resources.