-
Job Description
Contract Position
The full job description covers all associated skills, previous experience, and any qualifications that applicants are expected to have.
Our client are seeking an Information Security Specialist (Operational Technology) to bolster the security of their OT network, ensuring the robustness of critical national infrastructure in alignment with legislative, regulatory, and business security protocols. This role will be integral to our new Cyber Security Programme, collaborating with various stakeholders including Project & Programme management, business analysts, architects, and suppliers within regulatory frameworks.
Key Responsibilities:
- Collaborate with the Information Security Assurance Manager and OT Security Lead to execute the Cyber Programme, contributing to the cyber security roadmap and implementing necessary security measures.
- Conduct threat modelling and assessment exercises for the OT environment.
- Review and contribute to design documents ensuring compliance with relevant security standards and regulatory requirements.
- Participate in Technical Design Authority (TDA) and Architecture Review Board (ARB) meetings, providing approval for designs affecting the OT environment.
- Perform cyber security risk assessments, compliance checks, audits, and reviews, identifying and addressing any security gaps.
- Document security requirements and ensure implemented solutions align with agreed-upon standards.
- Maintain and communicate local security procedures in accordance with Cyber Security regulations.
- Propose and coordinate delivery of mitigating actions to manage risk levels.
- Collaborate with the OT Security Lead and Corporate IT team to implement necessary security solutions.
Preferred Experience:
- Direct experience in OT infrastructure environments, preferably within the utilities sector.
- Familiarity with Microsoft Security tools, data communications/network infrastructure security, and tender processes for security tools/services.
- Knowledge of physical security protocols and systems.
- Desirable experience with Industrial Controls Systems (ICS), Industrial Networking, SCADA, PLC, and implementation of security controls as per IEC 62443 standards.
- Understanding of network segmentation strategies as per Purdue Enterprise Reference Architecture.
- Familiarity with Gallagher Command Centre Systems, BOSCH Video Monitoring System, and Stentofon security communication system is advantageous.
Qualifications and Skills:
- Technical security expertise with a strong team focus.
- Excellent communication, relationship-building, and influencing skills.
- Ability to work under regulatory conditions and within a collaborative team environment.