OT Security Risk Manager - Warwick
Job Title : OT Security Risk Manager
Location : Hybrid/Warwick - 2 days in office per week
Contract Details : Full-time, Permanent
Salary : £60, - £80, annually
About Our Client :
Our client, a prominent player in the Utilities sector, is dedicated to facilitating safe, dependable, and efficient energy connections. They uphold a steadfast commitment to operational excellence, ensuring the seamless functioning of their energy network to deliver high-quality service to their customers.
Responsibilities :
As the OT Security Risk Manager, you will lead the Security Risk Team, responsible for evaluating cyber and physical risks and providing data-driven insights to guide strategic decision-making. Focusing on Operational Technology (OT) and its associated IT ecosystems, including control centres, Optel Network & Services, critical data centres, and substations, you will develop an overarching cyber risk management strategy and establish a cohesive framework.
Your responsibilities will include :
1. Crafting and implementing the company's OT Cyber Risk Framework
2. Establishing uniform protocols for identifying, documenting, and addressing OT Cyber Security risks company-wide
3. Engaging with senior leadership and external stakeholders to align on the organisation's Cyber Risk Framework
4. Collaborating with interdisciplinary teams to devise customised risk management solutions tailored to specific cyber challenges
5. Supervising a team of specialists in Operational Technology Cyber risk management
6. Delivering comprehensive reports on risk assessment, mitigation strategies, and investment priorities
Essential Skills, Qualifications, Experience :
7. Proven track record in applying risk assessment methodologies such as NIST -30, ISO, IEC, FAIR
8. Familiarity with industry best practises and security control frameworks including NIST 53, ISO, IEC, NIST CSF, NCSC CAF
9. Experience implementing security risk management frameworks such as NIST -39, -37
10. Ability to effectively communicate complex concepts to senior stakeholders
11. Basic understanding of ICS/SCADA frameworks like the IEC framework
Desirable Skills, Qualifications, Experience :
12. Knowledge of UK Network & Information Systems (NIS) Regulations
13. Previous involvement in Cyber Security initiatives
14. Familiarity with MITRE ATT&CK framework
15. Prior experience in risk management within an Operational Technology environment
16. Leadership and team management experience, preferably in critical infrastructure settings
17. Proficiency in Microsoft Office Suite, particularly Excel and SharePoint
18. Familiarity with Power BI and Visio
19. Relevant Information Security certifications such as CISSP, CISM, CISA
20. Ability to obtain and maintain security clearance
Technologies :
21. Cyber Security
22. Risk Management
23. Cyber Risk
24. NIS Regulations
25. Client Engagement
26. Team Leadership (Direct supervision of 6 staff, oversight of 10-20)
27. Continuous Improvement
28. Centralised Security
29. Governance Meetings
30. Control Centres
31. Critical Data Centres
32. Substations
33. Optel Network and Services
How to Apply :
If you possess a strong background in Risk Management and are committed to safeguarding critical systems in the Utilities sector, we invite you to apply. Please submit your updated resume along with a cover letter highlighting your relevant expertise and qualifications.
Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
KEYWORDS:
Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical / Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical / Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical / Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical /
To speak to a recruitment expert please contact
MoreInformation