Job Title: Senior OT Cyber Security Analyst
Company: Lightsource bp Powered By Hassan Allam (Lightsource bp fully acquired by bp in 2024)
Lightsource bp is a global leader in onshore renewables, committed to delivering large-scale renewable and energy storage solutions to help decarbonise the world. We operate with five core values: Safety, Integrity, Respect, Sustainability, and Drive, and are looking for talented individuals who share these values.
Summary
We are seeking a dynamic, hands‑on senior analyst responsible for monitoring cyber risk and facilitating remediation of vulnerabilities in IT and OT systems across the organisation. The role leverages Microsoft security stack and requires strong threat intelligence, mentoring, and global collaboration.
Responsibilities
* OT & IT Security Monitoring: Continuously monitor the security of both OT and IT environments, including SCADA systems, Industrial Control Systems (ICS), and supporting infrastructure for potential threats, anomalies, and signs of compromise.
* Threat Hunting & Incident Response: Utilise tools such as Azure Sentinel, Defender XDR, Defender IoT, Cisco Secure Access, Purview, and Tenable to proactively hunt for security threats across IT and OT networks, leveraging threat intelligence relevant to the organisation.
* Vulnerability Management & Patching: Identify and assess vulnerabilities within SCADA, ICS, and OT devices, ensuring timely remediation in collaboration with Infrastructure, Digital Workplace, and Support teams.
* Regulatory Compliance & Audit Support: Ensure compliance with NIST 800‑82, IEC 62443, OG86, NERC‑CIP, SOCI, NIST‑CSF, NIS2 and other relevant regulations. Assist in cyber security audits and risk assessments for OT environments.
* Security Policy & Governance: Support the development and enforcement of OT security policies, standards, and procedures, ensuring alignment with industry frameworks and best practices.
* Stakeholder Communication: Work closely with Cyber Security Managers, OT Engineers, and Business Leaders to communicate risks, provide updates during security investigations, and drive awareness of OT‑specific threats.
* Incident Investigation & Documentation: Ensure all security incidents within the OT environment are fully investigated, documented, and addressed, improving incident response capabilities.
* Security Hardening & Best Practices: Assist in securing industrial networks, remote access solutions, and third‑party integrations by applying industry best practices, including network segmentation, zero‑trust principles, and access controls.
* Define and Measure Excellence: Establish clear security performance metrics and targets that align with the expectations of customers, internal asset management teams, and O&M teams. Ensure security best practices are embedded within OT operations.
* Enhance OT & SCADA Security Awareness: Raise the profile of OT Security and SCADA Security both internally and externally. Work closely with Marketing, communications, and security awareness teams to promote a security‑first culture.
Knowledge
* SIEM – Azure Sentinel, Defender for IoT, Defender XDR, Defender for Cloud, Defender for Cloud Apps, Defender EASM, Copilot for Security
* Vulnerability Management – Defender XDR, Tenable IO/Nessus, Defender EASM
* EDR – Defender for Endpoint
* Data Governance – Purview
* IDAM – Entra
* Device Management – working understanding of Intune including MDM/MAM
* Networking/Firewalls – exposure to Fortinet, Cisco FirePower and Cisco Meraki desirable
* Knowledge of NIST 2.0 Cyber Security Framework required
* Knowledge of IEC 62443 OT standard required
* Good understanding of ISO27001 and Cyber Essentials Plus requirements required
* ITIL Knowledge – Good understanding of ITIL principles and their application required
* Knowledge of NERC CIP and/or SOCI standards desirable
Qualifications
* Bachelor’s degree in Computer Science, Information Security, or a related field.
* Azure Security Engineer (AZ‑500), Certified Cyber Professional (CCP), Certified Information Systems Security Professional (CISSP), CompTIA Security+, GCIA, GCIH
Experience
* Extensive experience in managing and utilizing Azure Sentinel, Defender for IoT, Defender XDR, Defender for Cloud Apps and Defender for Cloud/EASM
* At least five years’ experience in security incident handling and security incident response
* Demonstratable experience of working in a Microsoft‑focused cloud environment.
* Proven experience of understanding and responding to cyber threats
* Expertise in information security technologies: firewalls, intrusion detection, vulnerability assessment tools, logging solutions, gateway security products, end‑point security products, authentication mechanisms, etc.
* Experience of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
* OT Cyber Security experience is desirable but not required.
* Experience in stakeholder management and engagement to C‑Suite level.
* Experience working for Critical National Infrastructure (CNI) Organisations
Why you’ll want to work for us
Our culture supports personal growth, inclusion, and respect. We provide a competitive salary, annual bonus, retention bonus, health insurance, pension, and other benefits. We also offer initiatives for personal development, charitable causes, and sustainability projects.
Our Core Values
* Safety – ensuring a safe workplace and operational environment.
* Integrity – upholding the highest standards of honesty and accountability.
* Respect – treating colleagues, communities, and the environment with dignity.
* Sustainability – responsibly powering the world with renewable solutions.
* Drive – pioneering innovation and leading the global energy transition.
#J-18808-Ljbffr