OT Vulnerability Analyst
London | Glasgow | Portsmouth
£53.8k - £64.6k per annum (Dependent on skills & qualifications)
Competitive pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more
REQ4577
Role Overview
We are seeking an experienced OT Vulnerability Analyst to ensure that OT vulnerabilities identified by cyber tools, assessments, and audits are assessed, prioritized, and risk managed appropriately and in line with policies. You will also be responsible for providing relevant technical and non-technical security reports to the vulnerability manager.
Our Mission
We deliver safety, warmth, and comfort to homes and businesses across the community. Whether you're supporting from the office or working on the front line, every role plays a part.
How you’ll support us
1. Provide cyber security assurance activities by ensuring implemented solutions are aligned with approved architecture documents.
2. Propose solutions and coordinate mitigation actions to align risk levels with risk appetite.
3. Coordinate with third-party vendors, MSSPs, penetration testers, attack path mappers, and SOC operators, including remediation follow-ups.
4. Assist in delivering new security tooling with the technical security and assurance team.
5. Provide security consultations for OT Security projects within the Cyber programme.
6. Review architecture documents for compliance with security policies, standards, and regulatory requirements.
7. Participate in Architecture Review Board and Technical Design Authority meetings for design sign-offs.
8. Embed security requirements into project processes and conduct pre-go-live audits.
9. Collaborate with IT/OT Security Leads and the wider IT team to deliver solutions.
10. Configure vulnerability management tools for IT and OT assets.
11. Assess and prioritize vulnerabilities, implement controls, and track remediation efforts.
12. Provide vulnerability metrics and reports, including outstanding vulnerabilities and risk mitigation plans.
13. Support service improvement initiatives.
Minimum Requirements
We seek candidates with a blend of skills and attributes. If you don’t meet every criterion, we offer tailored learning and development programs.
* At least 2 years of cybersecurity experience within an OT environment, with strong OT/ICS knowledge.
* Proven expertise in three of the following domains: Vulnerability Management, Security Risk & Compliance, Security Architecture, Endpoint Protection, Network Security, or Security Engineering.
* Practical understanding of cybersecurity frameworks such as NCSC, NIST, ISO 27001, IEC 62443, etc.
* Experience with Cyber Assurance Frameworks and working with Regulators for OT compliance.
* Knowledge of the Purdue Model and network segmentation strategies for OT security.
* Security Clearance is required.
Why SGN?
SGN is a leader in pioneering research towards a net-zero energy system. Our innovative technologies are driving change in the gas industry while keeping people safe and warm.
If you require accommodations or support during the application process, please reach out. We are committed to an inclusive and accessible experience for everyone.
Watch us in action: https://www.youtube.com/watch?v=7Q_sWyz7KEI