Job description
Key Responsibilities
Responsibilities include but are not limited to:

Audits & Assurance
- Plan, coordinate and support OT security audits, assessments and self-assessments across sites and regions.
- Act as the primary interface for internal audit, external auditors, regulators and assessors on OT security matters.
- Ensure audit findings are risk-assessed, prioritised, tracked and remediated in collaboration with stakeholders.
- Maintain the evidence, documentation and artefacts required to demonstrate compliance.
- Support alignment and assurance activities against applicable OT cybersecurity standards and regulations.

Risk Management
- Lead and maintain OT cyber risk assessments that consider security, safety, environmental, asset and regulatory impacts, aligned to IEC 62443.
- Ensure OT risks are documented, owned and aligned with the organisation's risk management frameworks.
- Define and maintain risk registers covering threat-, vulnerability- and consequence-based risks.
- Support risk treatment planning and track risk acceptance, mitigation and residual risk decisions.
- Translate technical OT risks into clear, business-relevant risk statements for leadership and governance committees.

Supply Chain & Third-Party Risk Management
- Own and maintain OT security requirements for suppliers, consultants and vendors.
- Assess and manage third-party cyber risks associated with OT systems, software, hardware and remote access.
- Support secure onboarding and ongoing assurance of critical OT suppliers and service providers.
- Ensure contractual and procurement processes include appropriate OT security, access and resilience requirements.
- Monitor and respond to supply-chain-related vulnerabilities, advisories and incidents.

External Compliance, Training & Awareness
- Own and coordinate the OT security training and awareness strategy for internal teams, contractors and relevant third parties.
- Ensure training content reflects real OT risks, regulatory expectations and operational realities.
- Support compliance-driven training obligations required by regulators, customers or contractual commitments.
- Promote a risk-aware and safety-conscious security culture across engineering and operations.
- Track and report on training and awareness completion and effectiveness where required.

Incident Response (IR)
- Support and govern OT-specific incident response planning and readiness.
- Ensure OT incident response procedures are aligned with safety, operational and regulatory requirements.
- Coordinate OT involvement during incidents, including forensics, reporting and post-incident reviews.
- Ensure lessons learned are captured and translated into improvements to controls and processes.

Business Continuity & Disaster Recovery (BCP/DR)
- Support the development and governance of OT business continuity and disaster recovery plans.
- Ensure BCP/DR plans reflect realistic OT recovery scenarios, dependencies and constraints.
- Align OT recovery objectives with safety, production and regulatory expectations.
- Participate in and support BCP/DR testing, exercises and reviews.
- Ensure cyber-related disruptions are considered within operational resilience planning.

Crossover Responsibilities
- Act as the central point of coordination between security, engineering, operations, legal, HSEQ and compliance.
- Maintain OT security policies, standards and procedures within the GRC domain.
- Support executive and board reporting on OT security risk, compliance status and resilience.

Knowledge, Skills and Abilities
- 5-10 years' experience in OT cybersecurity governance, risk and compliance.
- Strong expertise in the IEC 62443 series.
- Understanding of cyber-physical risk and of safety, environmental, asset and regulatory impacts.
- Practical understanding of industrial environments, OT lifecycles and operational constraints.
- Skilled in conducting and coordinating OT security audits, assessments and compliance activities, and in maintaining risk registers.
- Able to support IR, BCP and DR planning and exercising.
- Experience delivering and coordinating OT training and awareness strategies.
- Expert in preparing clear documentation, evidence and executive-level reporting.
- Ability to communicate complex risk clearly to technical and non-technical audiences.
- Ability to work across global and regulated environments.
- Cross-team collaboration, attention to detail, documentation discipline, risk communication and a continuous improvement mindset.